CVE-2025-28958
CVE-2025-28958 is a CSRF to Stored XSS in Bg Orthodox Calendar. Affected software: Bg Orthodox Calendar (from n/a up to version 0.13.10). Root cause: CSRF enabling stored XSS. CVSS 3.1 base score 7.1 (HIGH) with network attack vector, low attack complexity, no privileges, user interaction require...