CVE-2025-49056: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity: highType: vulnerabilityCVE-2025-49056
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shen2 多说社会化评论框 allows Reflected XSS. This issue affects 多说社会化评论框: from n/a through 1.2.
CVE-2025-49056: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
High
Published: Thu Aug 14 2025 (08/14/2025, 10:34:15 UTC)
Source: CVE Database V5
Vendor/Project: shen2
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shen2 多说社会化评论框 allows Reflected XSS. This issue affects 多说社会化评论框: from n/a through 1.2.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Patchstack
- Date Reserved
- 2025-05-30T14:04:34.998Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 689dbee2ad5a09ad0059e5e0
Added to database: 8/14/2025, 10:48:02 AM
Last updated: 8/14/2025, 10:48:02 AM
Views: 1
Related Threats
CVE-2025-8957: SQL Injection in Campcodes Online Flight Booking Management System
MediumVulnerabilityThu Aug 14 2025
CVE-2025-54707: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in RealMag777 MDTF
CriticalVulnerabilityThu Aug 14 2025
CVE-2025-54706: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Noor Alam Magical Posts Display
MediumVulnerabilityThu Aug 14 2025
CVE-2025-54705: CWE-862 Missing Authorization in magepeopleteam WpEvently
MediumVulnerabilityThu Aug 14 2025
CVE-2025-54704: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in hashthemes Easy Elementor Addons
MediumVulnerabilityThu Aug 14 2025
Actions
Please log in to the Console to use AI analysis features.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.