3 matches found
PT-2025-25678 · Nasa Core · Nasa Core
Name of the Vulnerable Software and Affected Versions: Nasa Core versions through 6.3.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions through 6.3.2, update...
CVE-2025-49067
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Nasa Core nasa-core allows Stored XSS.This issue affects Nasa Core: from n/a through 6.4.1...
PT-2025-24090 · Nasa Core · Nasa Core
Name of the Vulnerable Software and Affected Versions: Nasa Core versions prior to 6.4.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious...