CVE-2025-40730
The CVE-2025-40730 entry concerns HTML injection in Vox Media’s Chorus CMS. The vulnerability arises from an injection in the /search?q parameter, allowing an attacker to execute JavaScript in a victim’s browser and potentially steal session cookies or perform actions on behalf of the user. Affec...