3 matches found
CVE-2025-23544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in heart5 StatPressCN statpresscn allows Reflected XSS.This issue affects StatPressCN: from n/a through = 1.9.1...
CVE-2025-23544
CVE-2025-23544 corresponds to a Reflected XSS in heart5 StatPressCN. Affected: StatPressCN versions up to 1.9.1. Root cause: Improper input neutralization during web page generation. Impact: Reflected injection that may trigger script execution in affected users’ browsers. Public details in conne...
PT-2025-4932 · Unknown · Heart5 Statpresscn
Name of the Vulnerable Software and Affected Versions: heart5 StatPressCN versions 1.9.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious script...