CVE-2025-53839 – DRACOON Branding Service Cross-Site Scripting Vulnerability

July 15, 2025

CVE ID : CVE-2025-53839

Published : July 15, 2025, 12:15 a.m. | 2 hours, 36 minutes ago

Description : DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users could inject HTML code into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and rolled out to the DRACOON service. DRACOON customers do not need to take action.

Severity: 4.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53886 – Directus Session Hijacking Vulnerability

Next Article CVE-2025-53836 – XWiki Rendering Macro Execution Bypass

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

Report: Samsung’s tri-fold phone, XR headset, and AI smart glasses to be revealed at Sep 29 Unpacked event

Are smart glasses with built-in hearing aids viable? My verdict after months of testing

These 7 smart plug hacks that saved me time, money, and energy (and how I set them up)

Amazon will sell you the iPhone 16 Pro for $250 off right now – how the deal works

Fake News Detection using Python Machine Learning (ML)

Fake News Detection using Python Machine Learning (ML)

Common FP – A New JS Utility Lib

Call for Speakers – JS Conf Armenia 2025

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Fox Sports not Working: 7 Quick Fixes to Stream Again

Capital One Zelle not Working: 7 Fast Fixes

CVE-2025-53839 – DRACOON Branding Service Cross-Site Scripting Vulnerability

CVE-2024-32832 – Hamid Alinia Login with Phone Number Missing Authorization

CVE-2025-31100 – Mojoomla School Management Unrestricted File Upload Vulnerability

South Korea’s antitrust watchdog green lights Microsoft’s practice of bundling Copilot

Progress Software Announces General Availability of MarkLogic Server 12 and Breakthrough Results with Semantic RAG

Fix Elden Ring Nightreign Connection Errors And Server Login Failure PC

Best Prime Day Samsung deals: My 18 favorite sales live now

CVE-2025-2987 – IBM Maximo Asset Management SSRF

CVE-2025-36088 – IBM TS4500 Cross-Site Scripting Vulnerability

How Apoidea Group enhances visual information extraction from banking documents with multimodal models using LLaMA-Factory on Amazon SageMaker HyperPod

CVE-2025-3962 – Withstars Books-Management-System Cross-Site Scripting Vulnerability

CVE-2025-53839 – DRACOON Branding Service Cross-Site Scripting Vulnerability

Related Posts