xss - Daily CVE Reports

xss

CVE-2025-47933: Critical XSS Vulnerability in Argo CD’s Repository UI

Hey everyone, grab your security hats! Today, we're diving deep into CVE-2025-47933, a crafty Cross-Site Scripting (XSS) vulnerability discovered in Argo CD. If you're running a vulnerable version, a seemingly innocent link on your repositories page could be a Trojan horse, giving attackers the keys to

xss

CVE-2025-27405: Cross-Site Scripting Vulnerability in Icinga Web 2 Embedded Content

Executive Summary CVE-2025-27405 is a cross-site scripting (XSS) vulnerability affecting Icinga Web 2, a widely used open-source monitoring web interface. This vulnerability allows an attacker to inject arbitrary JavaScript code into the Icinga Web 2 interface by crafting a malicious URL. If a user clicks on this crafted URL, the

Web

CVE-2025-29771: Cross-Site Scripting (XSS) Vulnerability in HtmlSanitizer

Executive Summary CVE-2025-29771 is a cross-site scripting (XSS) vulnerability affecting versions of the HtmlSanitizer library prior to 2.0.3. HtmlSanitizer is a JavaScript library used to sanitize HTML content, often employed in scenarios where user-generated content is rendered in web applications. The vulnerability arises when the library is used