CVE-2025-23890 - CERT CVE

  1. CVE-2025-23890

ID CVE-2025-23890
Sažetak Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tom Ewer and Tito Pandu Easy Tweet Embed allows DOM-Based XSS.This issue affects Easy Tweet Embed: from n/a through 1.7.
Reference
CVSS
Base: 6.5
Impact: 3.7
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Zadnje važnije ažuriranje 16-01-2025 - 21:15
Objavljeno 16-01-2025 - 21:15