Lucene search
K

4 matches found

NVD
NVD
added 2025/02/18 8:15 a.m.12 views

CVE-2025-0423

In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...

5.3CVSS0.00459EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/18 7:57 a.m.12 views

CVE-2025-0423 Multiple Unauthenticated Stored Cross-Site Scripting

In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...

5.3CVSS0.00459EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/18 7:57 a.m.3 views

CVE-2025-0423 Multiple Unauthenticated Stored Cross-Site Scripting

In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...

5.3CVSS6.1AI score0.00459EPSS
Exploits1References1
CVE
CVE
added 2025/02/18 7:57 a.m.55 views

CVE-2025-0423

Cordaware bestinformed Web is affected by CVE-2025-0423 due to improper sanitization of user input, enabling unauthenticated stored cross-site scripting. The vulnerability allows an attacker to inject JavaScript into user sessions and potentially abuse user privileges on the application. The affe...

5.3CVSS6.1AI score0.00459EPSS
Exploits1References1
Rows per page
Query Builder