6 matches found
CVE-2025-1585
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...
CVE-2025-1585
creationtimestamp| type| source ---|---|--- 2025-02-23 14:21:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5093 2025-02-23 16:27:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3liuatiiv3t2k 2025-02-23 17:38:06+00:00| seen|...
CVE-2025-1585
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...
CVE-2025-1585
Tale Blog (otale tale) up to version 2.0.5 is affected. The vulnerability resides in the OptionsService function (src/main/resources/templates/themes/default/partial/header.html) where manipulating the logo_url argument enables cross-site scripting. The issue can be exploited remotely and the pub...
CVE-2025-1585 otale header.html OptionsService cross site scripting
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...
CVE-2025-1585 otale header.html OptionsService cross site scripting
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...