2 matches found
CVE-2025-48349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in origincode Video Gallery – Vimeo and YouTube Gallery smart-grid-gallery allows Stored XSS.This issue affects Video Gallery – Vimeo and YouTube Gallery: from n/a through = 1.1.7...
PT-2025-2476 · Unknown · Blossom Shop
Name of the Vulnerable Software and Affected Versions: Blossom Shop versions 1.1.7 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user into...