Launch Week Day 1: Announcing Security Design Review
Start for Free
UNKNOWN NuGet

Reflected Cross-Site Scripting (XSS) in module actions in edit mode

GHSA-79m3-rvx2-3qq9 · CVE-2025-48377

Published · Modified

Description

A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes