2 matches found
Exploit for CVE-2025-69993
Leaflet XSS POC Proof of Concept for CVE-2025-69993 — XSS vul...
PT-2026-32628
Name of the Vulnerable Software and Affected Versions Leaflet versions prior to 1.9.5 Description Cross-Site Scripting XSS occurs via the bindPopup function. This function renders user-supplied input as raw HTML without sanitization, which allows the injection of arbitrary JavaScript code through...