PT-2025-15740 · Unknown · Theode Language Field
Johska
·
Published
2025-04-09
·
Updated
2025-04-11
·
CVE-2025-31382
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions:
theode Language Field versions n/a through 0.9
Description:
A Cross-Site Request Forgery (CSRF) issue in theode Language Field allows for Stored XSS.
Recommendations:
For versions n/a through 0.9, consider disabling the Language Field functionality until a patch is available to prevent potential exploitation.
Restrict access to the Language Field module to minimize the risk of Stored XSS attacks.
Avoid using the Language Field in sensitive operations until the issue is resolved.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Theode Language Field