CVE-2025-12518 | Bee Content Design Befree SDK up to 3.46.x Content Security Policy cross site scripting

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Bee Content Design Befree SDK up to 3.46.x. Affected by this vulnerability is an unknown functionality of the component Content Security Policy Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-12518. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-12518 | Bee Content Design Befree SDK up to 3.46.x Content Security Policy cross site scripting

Post correlati

CVE-2026-4165 | Worksuite HR, CRM and Project Management up to 5.5.25 /account/orders/create Client Note cross site scripting

CVE-2025-14212 | projectworlds Advanced Library Management System 1.0 /member_search.php roll_number sql injection

CVE-2025-10291 | linlinjava litemall up to 1.8.0 /wx/aftersale/cancel WxAftersaleController ID improper authorization

CVE-2023-47322 | Silverpeas Core 6.3.1 userModify cross-site request forgery