CVE-2025-47943 – Gogs PDFjs Stored XSS Vulnerability

June 24, 2025

CVE ID : CVE-2025-47943

Published : June 24, 2025, 4:15 a.m. | 1 hour ago

Description : Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting (XSS) vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated component: pdfjs-1.4.20 under public/plugins/. This issue has been fixed for gogs.io/gogs in version 0.13.3.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52568 – NeKernal Memory Corruption Vulnerability

Next Article CVE-2025-52566 – LLama Heap Overflow Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

3 portable power stations I travel everywhere with (and how they differ)

I tried Lenovo’s new rollable ThinkBook and can’t go back to regular-sized screens

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

spatie/laravel-flare

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

The Gaming Desktop I’ve Relied on More Than Any Other Is More Powerful and Sleeker Than Ever — But Damn, It’s Expensive

CVE-2025-47943 – Gogs PDFjs Stored XSS Vulnerability

Android adware: What is it, and how do I get it off my device?

Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?

Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads

CVE-2025-4050 – Google Chrome Heap Corruption Out-of-Bounds Access Vulnerability

CVE-2025-49149 – Dify Cross-Site Scripting (XSS) Vulnerability

The Identities Behind AI Agents: A Deep Dive Into AI & NHI

H Company Releases Runner H Public Beta Alongside Holo-1 and Tester H for Developers

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

Microsoft Patch Tuesday, July 2025 Edition

CVE-2025-6379 – BeeTeam368 Extensions Pro for WordPress Directory Traversal Vulnerability

CVE-2025-47943 – Gogs PDFjs Stored XSS Vulnerability

Related Posts