Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

      August 8, 2025

      This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

      August 8, 2025

      Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

      August 7, 2025

      OpenAI launches GPT-5

      August 7, 2025

      Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

      August 8, 2025

      9 Default Settings in Windows 11 You Didn’t Know Could Affect Performance and Privacy

      August 8, 2025

      DICE Responds to Battlefield 6 Community: Key Updates on Map Flow and Class Mechanics

      August 8, 2025

      Microsoft Teases ‘Agentic OS’ in 2030 Vision—Is Windows About to Think for Itself?

      August 8, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      How to install stream to IoT platform — Total.js

      August 8, 2025
      Recent

      How to install stream to IoT platform — Total.js

      August 8, 2025

      Heart Disease Prediction using Python & Machine Learning

      August 8, 2025

      How JavaScript really evolves, the inside story

      August 8, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

      August 8, 2025
      Recent

      Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

      August 8, 2025

      9 Default Settings in Windows 11 You Didn’t Know Could Affect Performance and Privacy

      August 8, 2025

      DICE Responds to Battlefield 6 Community: Key Updates on Map Flow and Class Mechanics

      August 8, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-46338 – Audiobookshelf Reflected Cross-Site Scripting (XSS) Vulnerability

    CVE-2025-46338 – Audiobookshelf Reflected Cross-Site Scripting (XSS) Vulnerability

    April 29, 2025

    CVE ID : CVE-2025-46338

    Published : April 29, 2025, 5:15 a.m. | 1 hour, 40 minutes ago

    Description : Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the `/api/upload` endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the `libraryId` field. The unsanitized input is reflected in the server’s error message, enabling arbitrary JavaScript execution in a victim’s browser. This issue has been patched in version 2.21.0.

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-46343 – n8n Stored XSS Vulnerability
    Next Article CVE-2025-46330 – Snowflake libsnowflakeclient HTTP Request Retry Denial of Service

    Related Posts

    Development

    Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?

    August 8, 2025
    Development

    Black Hat USA 2025: Policy compliance and the myth of the silver bullet

    August 8, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    I tested Panasonic’s new affordable LED TV model – here’s my brutally honest buying advice

    News & Updates

    Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

    Security

    bmk is a command-line bookmark manager

    Linux

    CVE-2024-48853 – ASPECT Escalation of Privilege Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    Highlights

    Cascading Layouts: A Workshop on Resilient CSS Layouts

    April 10, 2025

    If I were starting with CSS today for the very first time, I would first…

    Better defaults for your Laravel applications with Essentials

    June 12, 2025

    CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

    June 17, 2025

    PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)

    April 22, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.