CVE-2025-24966 | yogeshojha rengine up to 2.2.0 Target Organization/Target Description cross site scripting (GHSA-4phc-m2wm-p8x6)

Posted by Angelo Barbosa | Feb 4, 2025 | CVE

A vulnerability, which was classified as problematic, was found in yogeshojha rengine up to 2.2.0. Affected is an unknown function. The manipulation of the argument Target Organization/Target Description leads to cross site scripting.

This vulnerability is traded as CVE-2025-24966. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-24966 | yogeshojha rengine up to 2.2.0 Target Organization/Target Description cross site scripting (GHSA-4phc-m2wm-p8x6)

Related Posts

CVE-2024-9465 | Palo Alto Expedition up to 1.2.95 sql injection

CVE-2024-7459 | OSWAPP Warehouse Inventory System 1.0/2.0 /edit_account.php cross-site request forgery

CVE-2025-24506 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.8/4.2.0 PAM information disclosure

CVE-2024-10299 | PHPGurukul Medical Card Generation System 1.0 Managecard View Detail Page view-card-detail.php viewid sql injection