CVE-2025-45091

Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable to a stored Cross-Site Scripting XSS attack. An authenticated attacker can exploit this vulnerability by modifying their username to include a malicious XSS payload in notification and activities...