CVE-2025-56154 | htmly 3.0.8 /author/:name Name cross site scripting

Inserito da Angelo Barbosa | Ott 2, 2025 | CVE

A vulnerability was found in htmly 3.0.8. It has been classified as problematic. Impacted is an unknown function of the file /author/:name. Performing manipulation of the argument Name results in cross site scripting.

This vulnerability was named CVE-2025-56154. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2025-56154 | htmly 3.0.8 /author/:name Name cross site scripting

Post correlati

CVE-2024-45102 | Lenovo XClarity Administrator up to 4.0 cleartext transmission

CVE-2024-47149 | Honor Magic OS up to 7.2.0.102 denial of service

CVE-2024-1861 | Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan Plugin Table Truncation authorization

CVE-2024-13521 | ghera74 MailUp Auto Subscription Plugin up to 1.1.0 on WordPress mas_options cross-site request forgery