CVE-2025-15454 | zhanglun lettura up to 0.1.22 RSS ContentRender.tsx cross site scripting

Inserito da Angelo Barbosa | Gen 4, 2026 | CVE

A vulnerability classified as problematic was found in zhanglun lettura up to 0.1.22. This issue affects some unknown processing of the file src/components/ArticleView/ContentRender.tsx of the component RSS Handler. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2025-15454. The attack can be executed remotely. Additionally, an exploit exists.

It is best practice to apply a patch to resolve this issue.

CVE-2025-15454 | zhanglun lettura up to 0.1.22 RSS ContentRender.tsx cross site scripting

Post correlati

CVE-2024-41147 | Miniaudio 0.11.21 ma_dr_flac__decode_samples__lpc heap-based overflow (TALOS-2024-2063)

CVE-2024-39801 | Wavlink AC3000 M33A8.V5030.210505 qos.cgi qos_settings qos_bandwidth buffer overflow (TALOS-2024-2049)

CVE-2024-31840 | Italtel 1.6.4 Edit Form sensitive information in source

CVE-2025-64713 | bytecodealliance wasm-micro-runtime up to 2.4.3 memory corruption (GHSA-gvx3-gg3x-rjcx)