EUVD-2025-16004

Malicious code in bioql PyPI...

CVE-2025-1419

Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget server part of the MDM suite...

CVE-2025-1420

Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget server part of the MDM suite...

CVE-2025-1420

CVE-2025-1420 affects Konsola Proget (server component of the MDM suite). The issue arises from unsanitized input in the activationMessage field, enabling a Stored Cross-Site Scripting attack by a high-privileged user. Estimated CVSS v4 base score 2.4 (LOW); attack vector Adjacent, privileges req...

CVE-2025-1419 XSS in Proget MDM

Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget server part of the MDM suite...

PT-2025-22353 · Microsoft +1 · Office Excel +1

Name of the Vulnerable Software and Affected Versions: Konsola Proget server part of the MDM suite versions prior to 2.17.5 Description: The issue arises when data provided in a request to the server during new device activation is stored in a database. High-privileged users who download this dat...