PT-2025-31830 · Austrian Archaeological Institute · Openatlas

Ferat Aydin · Published 2025-08-04 · Updated 2025-08-04 · CVE-2025-51534

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Austrian Archaeological Institute (AI) OpenAtlas version 8.11.0

Description

OpenAtlas contains a cross-site scripting (XSS) issue. Attackers can inject a crafted payload into the Name field, enabling the execution of arbitrary web scripts or HTML.

Recommendations

Update to a newer version of OpenAtlas that addresses this issue. As a temporary workaround, sanitize all user inputs to the Name field to prevent the injection of malicious scripts.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-51534

Affected Products

Openatlas