Количество 2
Количество 2
CVE-2025-25477
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser.
GHSA-jv4p-6m84-hhpv
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-25477 A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser. | CVSS3: 8.1 | 0% Низкий | 12 месяцев назад |
| GHSA-jv4p-6m84-hhpv A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser. | CVSS3: 8.1 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу