CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

May 7, 2025

CVE ID : CVE-2025-47675

Published : May 7, 2025, 3:16 p.m. | 20 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47676 – Faiyaz Alam User Login History Stored Cross-site Scripting

Next Article CVE-2025-47669 – Sabuj Kundu CBX Map for Google Map & OpenStreetMap Cross-site Scripting

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

OneDrive user locked out of “30 years worth of photos and work” without any support — calls Microsoft a “Kafkaesque black hole”

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Community News: Latest PECL Releases (06.24.2025)

JSON module scripts are now Baseline Newly Available

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

Multiple vulnerabilities in Sitecore CMS | Kaspersky official blog

Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

Google Play Console gets a makeover to provide app developers with easier access to insights into performance and quality

CVE-2025-40575 – SCALANCE LPE9403 Remote Denial of Service (DoS) Vulnerability

This Self-Driving Taxi Could Replace Uber by 2025 — And It’s Backed by Toyota

Design Critique: Framework

DistroWatch Weekly, Issue 1120

Free Bootcamp Self-Learning Full Course in AI Digital Marketing for Children (Ages 6 –12)

CVE-2025-5206 – Pixelimity Installation SQL Injection Vulnerability

CVE-2025-47675 – Woobox Cross-Site Scripting (XSS)

Related Posts