2 matches found
CVE-2025-62716
Plane is open-source project management software. Prior to version 1.1.0, an open redirect vulnerability in the ?nextpath query parameter allows attackers to supply arbitrary schemes e.g., javascript: that are passed directly to router.push. This results in a cross-site scripting XSS vulnerabilit...
PT-2025-32596
Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 1.1.0 Description: Stirling-PDF is a locally hosted web application used for PDF file operations. Prior to version 1.1.0, the application is susceptible to Server-Side Request Forgery SSRF when utilizing the...