CVE-2025-41079 | Seafile 12.0.14 /api/v2.1/user/ Name cross site scripting

Inserito da Angelo Barbosa | Dic 4, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Seafile 12.0.14. Affected by this issue is some unknown functionality of the file /api/v2.1/user/. Executing manipulation of the argument Name can lead to cross site scripting.

This vulnerability appears as CVE-2025-41079. The attack may be performed from remote. There is no available exploit.

CVE-2025-41079 | Seafile 12.0.14 /api/v2.1/user/ Name cross site scripting

Post correlati

CVE-2024-44837 | deathbreak Drug 1.0 beanManager.java user cross site scripting

CVE-2024-49703 | MagePeople Team Event Manager for WooCommerce Plugin up to 4.2.5 on WordPress cross site scripting

CVE-2024-7077 | Semtek Sempos up to 31072024 cross site scripting

CVE-2023-5427 | Arm Bifrost GPU Kernel Driver up to r45p0 use after free