CVE-2025-0419

CVSS v3.1

4.7

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Zirve Nova versions 235 through 20250131

Description Zirve Nova is susceptible to a Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into web pages viewed by other users.

Recommendations Zirve Nova versions 235 through 20250131: Implement proper input validation and output encoding to neutralize potentially malicious scripts. Ensure all user-supplied data is sanitized before being displayed on web pages.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-0419

Affected Products

Zirve Nova

CVE-2025-0419

Weakness Enumeration

Related Identifiers

Affected Products

References · 5