4 matches found
CVE-2025-0746
creationtimestamp| type| source ---|---|--- 2025-01-30 12:16:10+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxhm4k77n2n 2025-01-30 14:15:52+00:00| seen| https://t.me/cvedetector/16756 2025-01-30 15:24:58+00:00| seen|...
CVE-2025-0746
A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the"/embedai/users/show/" endpoint to inject the malicious JavaScript code. This JavaScript code will be executed when a...
CVE-2025-0746 Reflected Cross-Site Scripting vulnerability in EmbedAI
A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to craft a malicious URL leveraging the"/embedai/users/show/" endpoint to inject the malicious JavaScript code. This JavaScript code will be executed when a...
CVE-2025-0746
CVE-2025-0746 concerns EmbedAI (≤2.1). A reflected XSS flaw exists in the /embedai/users/show/ endpoint, enabling an authenticated attacker to craft a malicious URL that injects JavaScript executed when the target user opens it. Affected products: EmbedAI versions 2.1 and earlier. The provided so...