CVE-2025-53331 – Samcharrington RSS Digest CSRF Stored XSS

June 27, 2025

CVE ID : CVE-2025-53331

Published : June 27, 2025, 2:15 p.m. | 55 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in samcharrington RSS Digest allows Stored XSS. This issue affects RSS Digest: from n/a through 1.5.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53332 – Ethoseo Track Everything CSRF Stored XSS

Next Article CVE-2025-53329 – Szajenw Społecznościowa CSRF Stored XSS

Highlights

CVE-2025-48371 – OpenFGA Authorization Bypass Vulnerability

May 22, 2025

CVE ID : CVE-2025-48371

Published : May 22, 2025, 11:15 p.m. | 1 hour, 35 minutes ago

Description : OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 (corresponding to Helm chart openfga-0.2.16 through openfga-0.2.30 and docker 1.8.0 through 1.8.12) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users are affected under four specific conditions: First, calling Check API or ListObjects with an authorization model that has a relationship directly assignable by both type bound public access and userset; second, there are check or list object queries with contextual tuples for the relationship that can be directly assignable by both type bound public access and userset; third, those contextual tuples’s user field is an userset; and finally, type bound public access tuples are not assigned to the relationship. Users should upgrade to version 1.8.13 to receive a patch. The upgrade is backwards compatible.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

GitHub Availability Report: July 2025

From private to public: How a United Nations organization open sourced its tech in four steps

We Might Need Something Between Root and Relative CSS Units for “Base Elements”

Microsoft Targets ‘Critical AI Talent’ from Meta to Dominate Next AI Breakthroughs

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

Anthropic Offers Claude AI to All U.S. Government Branches for Just $1

Anthropic Offers Claude AI to All U.S. Government Branches for Just $1

Microsoft Tests Prompting Heavy Chrome Users to Pin Edge to Windows 11 Taskbar

PC Maintenance Software: 6 Best to Use in 2025

CVE-2025-53331 – Samcharrington RSS Digest CSRF Stored XSS

CVE-2025-8879 – Google Chrome Heap Buffer Overflow Vulnerability

CVE-2025-8880 – Google Chrome V8 Race Condition Execution of Arbitrary Code

How to integrate artificial intelligence into office software: the ONLYOFFICE Docs case study

WebCamControl is a GUI app for controlling properties of a webcam

Quality Over Speed: A Case for Perfectionism

CVE-2025-7795 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE-2025-48371 – OpenFGA Authorization Bypass Vulnerability

Fixing ‘failed to synchronize all databases’ Pacman Error in Arch Linux

CVE-2025-34113 – Tiki Wiki CMS Command Injection Vulnerability

Chrome 140 Plans to Play Nicer with Wayland on Linux

CVE-2025-53331 – Samcharrington RSS Digest CSRF Stored XSS

Related Posts