CVE-2025-11276 | Rebuild up to 4.1.3 Comment/Guestbook cross site scripting

A vulnerability marked as problematic has been reported in Rebuild up to 4.1.3. Affected by this issue is some unknown functionality of the component Comment/Guestbook. Performing manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-11276. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is suggested to upgrade the affected component.

According to the researcher the vendor has confirmed the flaw and fix in a private issue response.

CVE-2025-11276 | Rebuild up to 4.1.3 Comment/Guestbook cross site scripting

Post correlati

CVE-2024-1825 | CodeAstro House Rental Management System 1.0 User Registration Page address cross site scripting

CVE-2025-10421 | SourceCodester Student Grading System 1.0 /update_account.php ID sql injection

CVE-2024-38678 | Calendar.online Plugin/Kalender.digital Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2023-52305 | Paddle up to 2.5.x divide by zero (pdsa-2023-014)