CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

May 7, 2025

CVE ID : CVE-2025-47675

Published : May 7, 2025, 3:16 p.m. | 20 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47676 – Faiyaz Alam User Login History Stored Cross-site Scripting

Next Article CVE-2025-47669 – Sabuj Kundu CBX Map for Google Map & OpenStreetMap Cross-site Scripting

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

Looking to Outsource React.js Development? Here’s What Top Agencies Are Doing Right

Beyond The Hype: What AI Can Really Do For Product Design

BrowserStack launches Chrome extension that bundles 10+ manual web testing tools

How much RAM does your Linux PC really need in 2025?

Have solar at home? Supercharge that investment with this other crucial component

I replaced my MacBook charger with this compact wall unit – and wish I’d done it sooner

5 reasons to switch to an immutable Linux distro today – and which to try first

Sentry Adds Logs Support for Laravel Apps

Sentry Adds Logs Support for Laravel Apps

Efficient Context Management with Laravel’s Remember Functions

Laravel Devtoolbox: Your Swiss Army Knife Artisan CLI

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

We gave OpenAI’s open-source AI a kid’s test — here’s what happened

With GTA 6, next-gen exclusives, and a console comeback on the horizon, Xbox risks sitting on the sidelines — here’s why

CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

Get Ready for the Black Hat USA 2025 CISO Podcast Series from The Cyber Express and Suraksha Catalyst

Garmin unveils its Apple Ultra Watch 2 competitor, the Venu X1

CVE-2025-34033 – Blue Angel Software Suite OS Command Injection Vulnerability

CVE-2025-4396 – Relevanssi WordPress SQL Injection

CVE-2025-3463 – “ASUS DriverHub HTTP Request Validation Vulnerability”

Your Wemo smart devices are about to get dumb as Belkin pulls the plug

CVE-2025-32400 – RT-Labs P-Net Heap-based Buffer Overflow Vulnerability

Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition

CVE-2025-3971 – PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

Related Posts