CVE-2025-45002 – Vigybag Cross Site Scripting (XSS)

June 9, 2025

CVE ID : CVE-2025-45002

Published : June 9, 2025, 5:15 p.m. | 3 hours, 12 minutes ago

Description : Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46041 – Anchor CMS Stored XSS

Next Article CVE-2025-49136 – Listmonk Environment Variable Information Disclosure

Highlights

CVE-2025-49001 – DataEase JWT Token Forgery Vulnerability

June 3, 2025

CVE ID : CVE-2025-49001

Published : June 3, 2025, 9:15 p.m. | 30 minutes ago

Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

CVE-2025-45002 – Vigybag Cross Site Scripting (XSS)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Memoization and Function Caching with this PHP Package

How to Build Secure SSR Authentication with Supabase, Astro, and Cloudflare Turnstile

Kong Event Gateway makes it easier to work with Apache Kafka

Real-time Iceberg ingestion with AWS DMS

CVE-2025-49001 – DataEase JWT Token Forgery Vulnerability

CVE-2025-4568 – Apache HTTP Server Blind SQL Injection

CVE-2025-5713 – SoluçõesCoop iSoluçõesWEB Flow Handler Cross-Site Scripting Vulnerability

A Step-by-Step Coding Guide to Building an Iterative AI Workflow Agent Using LangGraph and Gemini

CVE-2025-45002 – Vigybag Cross Site Scripting (XSS)

Related Posts