3 matches found
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839
CVE-2025-53839 affects DRACOON Branding Service (pre-2.10.0). The vulnerability is cross-site scripting caused by improper neutralization of input from administrative users, potentially injecting HTML into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and roll...