CVE-2025-4379 – DobryCMS Reflected Cross-Site Scripting (XSS) Vulnerability

May 23, 2025

CVE ID : CVE-2025-4379

Published : May 23, 2025, 10:15 a.m. | 2 hours, 24 minutes ago

Description : DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be executed on victim’s browser when specially crafted URL is opened.

A hotfix for affected versions was released on 29.04.2025. It removes the vulnerability without incrementing the version.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3894 – MegaBIP Stored XSS

Next Article CVE-2024-13945 – ASPECT Stored Path Traversal Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

Microsoft’s latest AI model can accurately forecast the weather: “It doesn’t know the laws of physics, so it could make up something completely crazy”

OpenAI scientists wanted “a doomsday bunker” before AGI surpasses human intelligence and threatens humanity

My favorite gaming service is 40% off right now (and no, it’s not Xbox Game Pass)

A timeline of JavaScript’s history

A timeline of JavaScript’s history

Loading JSON Data into Snowflake From Local Directory

Streamline Conditional Logic with Laravel’s Fluent Conditionable Trait

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

Microsoft’s latest AI model can accurately forecast the weather: “It doesn’t know the laws of physics, so it could make up something completely crazy”

OpenAI scientists wanted “a doomsday bunker” before AGI surpasses human intelligence and threatens humanity

CVE-2025-4379 – DobryCMS Reflected Cross-Site Scripting (XSS) Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47568 – ZoomSounds Deserialization Object Injection Vulnerability

Windows 11 KB5051989 upgrades File Explorer, direct download .msu

Whatâ€™s New in React19?

Cerebras Systems Revolutionizes AI Inference: 3x Faster with Llama 3.1-70B at 2,100 Tokens per Second

Nvidia dominates in gen AI benchmarks, clobbering 2 rival AI chips

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Kong Event Gateway makes it easier to work with Apache Kafka

GitHub Launches GitHub Models: Enabling Millions of Developers to Become AI Engineers and Build with Industry-Leading AI Models

Some personal news

CVE-2025-4379 – DobryCMS Reflected Cross-Site Scripting (XSS) Vulnerability

Related Posts