CVE-2025-68927 | abhinavxd libredesk up to 0.8.5 notes cross site scripting (GHSA-wh6m-h6f4-rjf4)

Inserito da Angelo Barbosa | Dic 27, 2025 | CVE

A vulnerability described as problematic has been identified in abhinavxd libredesk up to 0.8.5. This impacts an unknown function of the file /api/v1/contacts/{id}/notes. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2025-68927. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.

CVE-2025-68927 | abhinavxd libredesk up to 0.8.5 notes cross site scripting (GHSA-wh6m-h6f4-rjf4)

Post correlati

CVE-2024-3553 | Tutor LMS Plugin up to 2.6.2 on WordPress Options Update authorization

CVE-2025-0504 | Black Duck SCA prior 2025.10.0 Project Configuration privileges assignment

CVE-2024-6380 | Dassault Systèmes ENOVIA Collaborative Industry Innovator cross site scripting

CVE-2024-9895 | Smart Online Order for Clover Plugin up to 1.5.7 on WordPress Shortcode moo_receipt_link cross site scripting