Launch Week Day 1: Announcing Security Design Review

Algernon Cross-Site Scripting vulnerability

GHSA-8jqm-8qm3-qgqm · CVE-2025-65754 · GO-2025-4228

Published Dec 10, 2025 · Modified Dec 18, 2025

Description

Cross-site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes