Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-48352: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in sitesearch-yandex Yandex Site search pinger

Medium
VulnerabilityCVE-2025-48352cvecve-2025-48352cwe-79
Published: Thu Aug 28 2025 (08/28/2025, 12:37:04 UTC)
Source: CVE Database V5
Vendor/Project: sitesearch-yandex
Product: Yandex Site search pinger

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sitesearch-yandex Yandex Site search pinger allows Stored XSS. This issue affects Yandex Site search pinger: from n/a through 1.5.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-05-19T14:41:42.787Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68b0537ead5a09ad006cfcb5

Added to database: 8/28/2025, 1:02:54 PM

Last updated: 8/28/2025, 1:02:54 PM

Views: 1

Related Threats

CVE-2025-54742: CWE-502 Deserialization of Untrusted Data in magepeopleteam WpEvently

High
VulnerabilityThu Aug 28 2025

CVE-2025-54738: CWE-288 Authentication Bypass Using an Alternate Path or Channel in NooTheme Jobmonster

Critical
VulnerabilityThu Aug 28 2025

CVE-2025-54734: CWE-862 Missing Authorization in bPlugins B Slider

Medium
VulnerabilityThu Aug 28 2025

CVE-2025-54733: CWE-862 Missing Authorization in Miles All Bootstrap Blocks

Medium
VulnerabilityThu Aug 28 2025

CVE-2025-54731: CWE-94 Improper Control of Generation of Code ('Code Injection') in emarket-design YouTube Showcase

High
VulnerabilityThu Aug 28 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats