CVE-2025-1076 | Holded Application Activities name/icon cross site scripting

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability was found in Holded Application. It has been declared as problematic. This vulnerability affects the function Activities. The manipulation of the argument name/icon leads to cross site scripting.

This vulnerability was named CVE-2025-1076. The attack can be initiated remotely. There is no exploit available.

CVE-2025-1076 | Holded Application Activities name/icon cross site scripting

Post correlati

CVE-2024-53964 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69)

CVE-2023-7136 | code-projects Record Management System 1.0 Document Type /main/doctype.php docname cross site scripting

CVE-2024-32897 | Google Android kernel protocolsmsadapter.cpp GetCwInfo out-of-bounds

CVE-2024-11082 | Tumult Hype Animations Plugin up to 1.9.15 on WordPress hypeanimations_panel unrestricted upload