CVE-2025-65572 | AllskyTeam AllSky 2024.12.06 status_messages.php showMessages config/filename/extratext cross site scripting

Inserito da Angelo Barbosa | Dic 10, 2025 | CVE

A vulnerability, which was classified as problematic, was found in AllskyTeam AllSky 2024.12.06. Affected by this issue is the function showMessages of the file status_messages.php. Executing manipulation of the argument config/filename/extratext can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-65572. The attack can be launched remotely. No exploit exists.

CVE-2025-65572 | AllskyTeam AllSky 2024.12.06 status_messages.php showMessages config/filename/extratext cross site scripting

Post correlati

CVE-2024-13471 | designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress dt_process_imported_file path traversal

CVE-2024-12247 | Mattermost up to 9.7.5/9.8.2/9.9.2 Scheme Update authorization

CVE-2024-35583 | SourceCodester Laboratory Management System 1.0 Remarks cross site scripting

CVE-2025-5222 | ICU 76.0.1 SRBRoot::addTag stack-based overflow