MEDIUM🇬🇧 English

CVE-2025-52344

CVSS 6.1v3.1pub. 2025-09-15upd. 2026-02-05

Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject arbitrary JavaScript code on the user's browser via the Group name and Project Description input fields.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
  • Explorance Blue

    APP
    Explorance
    8.1.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2025-57792CRITICAL10.0PL ✓ten sam produkt

SQL Injection bez uwierzytelnienia w Explorance Blue (CVE-2025-57792)

CVE-2025-57794CRITICAL9.1PL ✓ten sam produkt

RCE przez unrestricted file upload w Explorance Blue (panel admina)

CVE-2025-57795CRITICAL9.9PL ✓ten sam produkt

RCE przez podatny upload plików w Explorance Blue (CVE-2025-57795)

CVE-2025-57793HIGH8.6ten sam produkt

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validati...

CVE-2025-57796MEDIUM6.8ten sam produkt

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to p...