CVE-2025-25304 | Vega up to 5.25.x vlSelectionTuples cross site scripting (GHSA-mp7w-mhcv-673j)

Posted by Angelo Barbosa | Feb 15, 2025 | CVE

A vulnerability was found in Vega up to 5.25.x. It has been classified as problematic. Affected is the function vlSelectionTuples. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-25304. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25304 | Vega up to 5.25.x vlSelectionTuples cross site scripting (GHSA-mp7w-mhcv-673j)

Related Posts

CVE-2023-46749 | Apache Shiro up to 1.12.x/2.0.0-alpha-3 path traversal

CVE-2023-51619 | D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration stack-based overflow

CVE-2024-40506 | openPetra 2023.02 serverMHospitality.asmx cross site scripting

CVE-2024-1947 | GitLab Community Edition/Enterprise Edition up to 16.10.5/16.11.2/17.0.0 API Call resource consumption (Issue 443559)