CVE-2025-27108 | ryansolid dom-expressions up to 0.39.4 replace cross site scripting (GHSA-hw62-58pr-7wc5)

Posted by Angelo Barbosa | Feb 22, 2025 | CVE

A vulnerability was found in ryansolid dom-expressions up to 0.39.4. It has been declared as problematic. This vulnerability affects the function replace. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-27108. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27108 | ryansolid dom-expressions up to 0.39.4 replace cross site scripting (GHSA-hw62-58pr-7wc5)

Related Posts

CVE-2024-45595 | man-group dtale up to 3.14.0 cross site scripting (GHSA-pw44-4h99-wqff)

CVE-2024-22416 | pyLoad up to 0.5.0b3.dev77 API cross-site request forgery (GHSA-pgpj-v85q-h5fm)

CVE-2024-20130 | MediaTek MT8796 Power stack-based overflow (MSV-1982 / ALPS09193374)

CVE-2024-43837 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 bpf resolve_prog_type null pointer dereference