CVE-2025-1419 – Konsola Proget Stored Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-1419

Published : May 21, 2025, 1:16 p.m. | 1 hour, 34 minutes ago

Description : Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack.

This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1420 – Konsola Proget Stored Cross-Site Scripting Vulnerability

Next Article CVE-2025-1418 – Konsola Proget Profile Information Disclosure Vulnerability

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

The best Costco deals to compete with Prime Day: TVs, laptops, Apple products, and more

This 9-in-1 off-grid portable power station has a 17-year lifespan – and it’s over 50% off

DistroWatch Weekly, Issue 1129

Token System using PHP and MySQL

Token System using PHP and MySQL

Create React UI component with uncontrollable

Flaget – new small 5kB CLI argument parser

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

Microsoft Forms Was Down for Some Users; But Now Fixed

DistroWatch Weekly, Issue 1129

CVE-2025-1419 – Konsola Proget Stored Cross-Site Scripting Vulnerability

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

CVE-2025-6879 – “SourceCodester Best Salon Management System SQL Injection”

VS slaat alarm over ransomware-aanvallen via SimpleHelp-lek

Hollow Knight: Silksong boldly teases DLC before even giving a release date, and fans are poking fun to hide the pain: “Sure hope this DLC doesn’t turn into a full fledged game that takes 8 years to develop”

CVE-2025-4591 – Weluka Lite Stored Cross-Site Scripting Vulnerability in WordPress

Hashrat – hashing tool

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

CVE-2025-5338 – Royal Elementor Addons WordPress Stored Cross-Site Scripting Vulnerability

CVE-2025-37891 – ALSA UMP Buffer Overflow Vulnerability

CVE-2025-1419 – Konsola Proget Stored Cross-Site Scripting Vulnerability

Related Posts