CVE-2024-25573 – PingFederate Stored XSS Vulnerability

June 15, 2025

CVE ID : CVE-2024-25573

Published : June 15, 2025, 4:15 p.m. | 9 hours, 7 minutes ago

Description : Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6091 – H3C GR-3000AX Buffer Overflow Vulnerability

Next Article CVE-2025-22854 – PingFederate Google Adapter HTTP Response Handling Buffer Overflow

Highlights

CVE-2025-8731 – TRENDnet SSH Service Default Credentials Vulnerability (Critical)

August 8, 2025

CVE ID : CVE-2025-8731

Published : Aug. 8, 2025, 4:15 p.m. | 7 hours, 44 minutes ago

Description : A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has been classified as critical. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2024-25573 – PingFederate Stored XSS Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

How to Break Free from Tutorial Hell: A Practical Guide

Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era

CVE-2025-3510 – TagDiv Composer WordPress Stored Cross-Site Scripting Vulnerability

Red Hat Enterprise Linux (RHEL) quietly released an official image for WSL — but most of us won’t be able to use it

CVE-2025-8731 – TRENDnet SSH Service Default Credentials Vulnerability (Critical)

CVE-2025-39350 – Rocket Apps wProject Missing Authorization Vulnerability

CVE-2025-53910 – Mattermost Confluence Plugin Authentication Bypass

How to Crack Any WordPress Admin Account

CVE-2024-25573 – PingFederate Stored XSS Vulnerability

Related Posts