CVE-2025-13902
CVE-2025-13902 describes a Cross-site Scripting (CWE-79) vulnerability that can allow an authenticated attacker to cause a victim’s browser to execute arbitrary JavaScript when the victim visits a page containing a crafted element with the injected payload. The CVSS score is 5.1 (Medium) with NET...