CVE-2025-48884 | Galette up to 1.1.x Document Type cross site scripting

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability identified as problematic has been detected in Galette up to 1.1.x. This affects an unknown function of the component Document Type Handler. This manipulation causes basic cross site scripting.

This vulnerability is tracked as CVE-2025-48884. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2025-48884 | Galette up to 1.1.x Document Type cross site scripting

Post correlati

CVE-2024-34883 | 1C-Bitrix Bitrix24 23.300.100 DAV ServerSetting insufficiently protected credentials

CVE-2021-47004 | Linux Kernel up to 5.10.37/5.11.21/5.12.4 f2fs get_victim allocation of resources

CVE-2024-25201 | Espruino 2v20 src/jsvar.c jsvStringIteratorPrintfCallback out-of-bounds

CVE-2025-9148 | CodePhiliaX Chat2DB up to 0.3.7 JDBC Connection DataSourceController.java sql injection