CVE-2025-62716 | makeplane up to 1.0.x next_path cross site scripting (GHSA-6fj7-xgpg-mj6f)

Inserito da Angelo Barbosa | Ott 25, 2025 | CVE

A vulnerability identified as problematic has been detected in makeplane plane up to 1.0.x. The affected element is an unknown function. This manipulation of the argument next_path causes cross site scripting.

This vulnerability appears as CVE-2025-62716. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2025-62716 | makeplane up to 1.0.x next_path cross site scripting (GHSA-6fj7-xgpg-mj6f)

Post correlati

CVE-2024-38319 | IBM Security SOAR 51.0.2.0 code injection (XFDB-294830)

CVE-2025-59017 | TYPO3 up to 9.5.54/10.4.53/11.5.47/12.4.36/13.4.17 Backend Routing authorization

CVE-2024-9835 | RSS Feed Widget Plugin up to 3.0.0 on WordPress $_SERVER[‘REQUEST_URI’] cross site scripting

CVE-2024-7924 | ZZCMS 2023 /I/list.php skin path traversal