7 matches found
CVE-2025-40992
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting the 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...
EUVD-2025-32101
Malicious code in bioql PyPI...
CVE-2025-40992
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting the 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...
CVE-2025-40992
CVE-2025-40992 is a Stored XSS vulnerability in Creativeitem Sociopro, affecting the /sociopro/profile/update_profile endpoint where the POSTed name parameter is insufficiently validated. Attackers could inject script that may be executed in an authenticated user’s context, with potential cookie/...
CVE-2025-40992 Stored XSS in Creativeitem Sociopro
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting the 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...
CVE-2025-40992 Stored XSS in Creativeitem Sociopro
Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting the 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...
PT-2025-40339
Name of the Vulnerable Software and Affected Versions: Creativeitem Sociopro (affected versions not specified). Description: A stored cross-site scripting (XSS) issue exists in Creativeitem Sociopro due to insufficient validation of user-supplied data. The issue is present in the /sociopro/profile/updat...