CVE-2025-47668 – CookieCode Stored Cross-Site Scripting Vulnerability

May 7, 2025

CVE ID : CVE-2025-47668

Published : May 7, 2025, 3:16 p.m. | 20 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in cookiecode CookieCode allows Stored XSS. This issue affects CookieCode: from n/a through 2.4.4.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47669 – Sabuj Kundu CBX Map for Google Map & OpenStreetMap Cross-site Scripting

Next Article CVE-2025-47674 – Credova Financial CSRF

Highlights

CVE-2025-5426 – Juzaweb CMS Menu Page Remote Access Control Vulnerability

June 2, 2025

CVE ID : CVE-2025-5426

Published : June 2, 2025, 3:15 a.m. | 4 hours, 6 minutes ago

Description : A vulnerability was found in juzaweb CMS up to 3.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-cp/menus of the component Menu Page. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-47668 – CookieCode Stored Cross-Site Scripting Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-4526 – Dígitro NGC Explorer Password Field Masking Vulnerability

CVE-2025-7418 – Tenda O3V2 HTTPd destIP Stack-Based Buffer Overflow

CVE-2025-6587 – Docker Desktop Environment Variable Disclosure Vulnerability

CVE-2025-6297 – “Ubuntu dpkg-deb Directory Permission Sanitization Vulnerability”

CVE-2025-5426 – Juzaweb CMS Menu Page Remote Access Control Vulnerability

Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds

Learning how to predict rare kinds of failures

How to Use Kami: Full Guide for Educators and Professionals

CVE-2025-47668 – CookieCode Stored Cross-Site Scripting Vulnerability

Related Posts