CVE-2025-40638 | Eventobot /search-results Name cross site scripting

Inserito da Angelo Barbosa | Mar 9, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Eventobot. This impacts an unknown function of the file /search-results. Such manipulation of the argument Name leads to cross site scripting.

This vulnerability is referenced as CVE-2025-40638. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-40638 | Eventobot /search-results Name cross site scripting

Post correlati

CVE-2024-43404 | NicPWNs MEGABOT up to 1.4.x /math eval expression neutralization of directives (ID 137)

CVE-2024-27347 | Apache HugeGraph-Hubble up to 1.2.x Hubble Connection Page server-side request forgery

CVE-2026-25993 | evershopcommerce evershop up to 2.1.0 execute sql injection (GHSA-3h84-9rhc-j2ch)

CVE-2024-3015 | SourceCodester Simple Subscription Website 1.0 manage_plan.php id sql injection