No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-14891 | Cross-Site Scripting (XSS) vulnerability was discovered in the Pichome system v2.1.0 and before. The vulnerability exists due to insufficient sanitization of user input in the login form. An attacker can inject malicious JavaScript code into the username or password fields during the login process |
| Link | Providers |
|---|---|
| https://github.com/zyx0814/Pichome/issues/50 |
|
Thu, 15 May 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-79 | |
| Metrics |
cvssV3_1
|
Wed, 14 May 2025 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-Site Scripting (XSS) vulnerability was discovered in the Pichome system v2.1.0 and before. The vulnerability exists due to insufficient sanitization of user input in the login form. An attacker can inject malicious JavaScript code into the username or password fields during the login process | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-05-15T13:53:29.375Z
Reserved: 2025-04-22T00:00:00.000Z
Link: CVE-2025-44024
Updated: 2025-05-15T13:52:40.144Z
Status : Deferred
Published: 2025-05-14T21:15:59.077
Modified: 2026-06-17T09:24:56.373
Link: CVE-2025-44024
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD