CVE-2025-46657 | Karaz Karazal up to 2025-04-14 Default URI lang cross site scripting

Inserito da Angelo Barbosa | Apr 27, 2025 | CVE

A vulnerability has been found in Karaz Karazal up to 2025-04-14 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Default URI Handler. The manipulation of the argument lang leads to cross site scripting.

This vulnerability is known as CVE-2025-46657. The attack can be launched remotely. There is no exploit available.

CVE-2025-46657 | Karaz Karazal up to 2025-04-14 Default URI lang cross site scripting

Post correlati

CVE-2024-49411 | Samsung Devices ThemeCenter path traversal

CVE-2024-40601 | MediaWikiChat Extension up to 1.42.1 on MediaWiki API Module cross-site request forgery

CVE-2025-33072 | Microsoft msagsfeedback.azurewebsites.net access control

CVE-2025-25206 | eLabFTW up to 5.1.14 Setting sql injection (GHSA-qffc-rfjh-77gg)