CVE-2025-40633 | Koibox Profile Picture ficha cross site scripting (e8cbce2)

Inserito da Angelo Barbosa | Mag 20, 2025 | CVE

A vulnerability was found in Koibox. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /es/dashboard/clientes/ficha/ of the component Profile Picture Handler. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2025-40633. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-40633 | Koibox Profile Picture ficha cross site scripting (e8cbce2)

Post correlati

CVE-2024-50340 | Symfony input validation

CVE-2024-11205 | WPForms 1.8.4/1.9.2.1 on WordPress Subscription authorization

CVE-2024-28033 | LunarNight Laboratory WebProxy 1.7.8/1.7.9 os command injection

CVE-2022-47072 | Sparx Enterprise Architect 16.0.1605 on 32-bit Select Classifier Dialog Box Find sql injection