Algernon · Algernon · CVE-2025-65754
**Name of the Vulnerable Software and Affected Versions**
Algernon version 1.17.4
**Description**
A Cross Site Scripting issue exists in Algernon version 1.17.4. This allows attackers to execute arbitrary code by injecting a crafted payload into a filename. The issue involves the injection of malicious code through a filename, potentially leading to unauthorized actions or data compromise.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.