xss

CVE-2025-27405: Cross-Site Scripting Vulnerability in Icinga Web 2 Embedded Content

Executive Summary CVE-2025-27405 is a cross-site scripting (XSS) vulnerability affecting Icinga Web 2, a widely used open-source monitoring web interface. This vulnerability allows an attacker to inject arbitrary JavaScript code into the Icinga Web 2 interface by crafting a malicious URL. If a user clicks on this crafted URL, the

Web

CVE-2025-29771: Cross-Site Scripting (XSS) Vulnerability in HtmlSanitizer

Executive Summary CVE-2025-29771 is a cross-site scripting (XSS) vulnerability affecting versions of the HtmlSanitizer library prior to 2.0.3. HtmlSanitizer is a JavaScript library used to sanitize HTML content, often employed in scenarios where user-generated content is rendered in web applications. The vulnerability arises when the library is used