CVE-2025-49450 – mhallmann SEPA Girocode Cross-site Scripting

June 6, 2025

CVE ID : CVE-2025-49450

Published : June 6, 2025, 1:16 p.m. | 2 hours, 20 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in mhallmann SEPA Girocode allows Stored XSS. This issue affects SEPA Girocode: from n/a through 0.5.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49453 – Jatinder Pal Singh BP Profile CSRF Stored XSS

Next Article CVE-2025-49449 – WP Map Plugins Interactive Regional Map of Africa CSRF Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-49450 – mhallmann SEPA Girocode Cross-site Scripting

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

CVE-2025-43849 – Apache TTS Voice Conversion Framework Deserialization RCE

CVE-2025-39366 – Rocket Apps wProject Privilege Escalation Vulnerability

CVE-2025-6003 – WordPress Single Sign-On (SSO) Plugin Unauthenticated Sensitive Data Disclosure

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager

CVE-2025-5599 – PHPGurukul Student Result Management System SQL Injection Vulnerability

Could WWDC be Apple’s AI turning point? Here’s what analysts are predicting

CVE-2025-4726 – iSourcecode Placement Management System SQL Injection Vulnerability

Model customization, RAG, or both: A case study with Amazon Nova

CVE-2025-49450 – mhallmann SEPA Girocode Cross-site Scripting

Related Posts