CVE-2025-47929 – DumbDrop DOM Cross-Site Scripting Vulnerability

May 15, 2025

CVE ID : CVE-2025-47929

Published : May 15, 2025, 9:15 p.m. | 3 hours, 42 minutes ago

Description : DumbDrop, a file upload application that provides an interface for dragging and dropping files, has a DOM cross-site scripting vulnerability in the upload functionality prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b. A user could be tricked into uploading a file with a malicious payload. Commit db27b25372eb9071e63583d8faed2111a2b79f1b fixes the vulnerability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4719 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Next Article CVE-2025-1138 – IBM InfoSphere Information Server Directory Traversal Vulnerability

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

Never Stop Exploring (July 2025 Wallpapers Edition)

I never thought I’d praise a kickstand power bank – until I tried this one

I replaced my work PC with this Alienware laptop – now I’m wondering why I hadn’t done this sooner

How to set up Alexa to receive notifications on Prime Day deals you want

How proxy servers actually work, and why they’re so valuable

Top 6 MySQL Database Management Struggles for Laravel Developers (And Smart Fixes)

Top 6 MySQL Database Management Struggles for Laravel Developers (And Smart Fixes)

What’s the difference between named functions and arrow functions in JavaScript?

Spring Boot + Swagger: A Complete Guide to API Documentation

Relive the Golden Era: 5 Tools to Get Retro Feel on Linux

Relive the Golden Era: 5 Tools to Get Retro Feel on Linux

mpvc – mpc-like CLI tool for mpv

sherpa-onnx is speech-to-text and text-to-speech software

CVE-2025-47929 – DumbDrop DOM Cross-Site Scripting Vulnerability

⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554

iRasptek Raspberry Pi 5 8GB Starter Kit Review

DanceGRPO: A Unified Framework for Reinforcement Learning in Visual Generation Across Multiple Paradigms and Tasks

CVE-2025-2895 – IBM Cloud Pak System HTML Injection Vulnerability

Weather Detection System using PHP and MySQL

Surface Pro 2-in-1 (2024) with Snapdragon X Elite drops to $1,170 in rare Amazon deal

MIT’s McGovern Institute is shaping brain science and improving human lives on a global scale

CVE-2025-47935 – Multer Resource Exhaustion and Memory Leak Vulnerability

Active Directory dMSA Privilege Escalation Attack Detailed by Researchers

CVE-2025-47929 – DumbDrop DOM Cross-Site Scripting Vulnerability

Related Posts