3 matches found
CVE-2025-62780
CVE-2025-62780 is a stored XSS in changedetection.io’s Watch update API present in versions prior to 0.50.34. Exploitation involves injecting an unsafe URL as a Watch (either when creating a new watch or updating an existing one); when a user previews, the injected JavaScript payload can execute....
PT-2025-46200
Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.50.34 Description A Stored Cross Site Scripting issue exists in changedetection.io’s Watch update API due to inadequate security checks. An attacker can insert a new watch with a URL pointing to a web pag...
changedetection.io 跨站脚本漏洞
changedetection.io is a website change detection, monitoring, and notification application by the individual developers at dgtlmoon. A cross-site scripting vulnerability exists in changedetection.io versions prior to 0.50.34, which stems from insufficient security checks and could lead to a store...