4 matches found
CVE-2025-60298
Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...
CVE-2025-60298
Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...
CVE-2025-60298
Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...
EUVD-2025-33176
Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and...