CVE-2025-13505

Datateam Datactive contains a Stored XSS vulnerability due to improper neutralization of user input during web page generation and script-related HTML tags. Affected versions are 2.13.34 up to, but not including, 2.14.0.6. The issue allows attackers to inject and execute malicious scripts in page...

PT-2023-17883 · Chatwoot · Chatwoot

Name of the Vulnerable Software and Affected Versions: chatwoot/chatwoot versions prior to 2.14.0 Description: The issue is related to Cross-site Scripting XSS - DOM, which allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control...