Количество 3
Количество 3
CVE-2025-37732
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
CVE-2025-37732
Improper neutralization of input during web page generation ('Cross-si ...
GHSA-97mj-r9v7-258f
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-37732 Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-37732 Improper neutralization of input during web page generation ('Cross-si ... | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| GHSA-97mj-r9v7-258f Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу