CVE-2025-58671

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions morganrichards Auction Feed versions through 1.1.3

Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be injected into the web application and executed by other users. The vulnerability allows for the injection of malicious code through the application.

Recommendations Update morganrichards Auction Feed to a version later than 1.1.3.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-58671

Affected Products

Morganrichards Auction Feed

CVE-2025-58671

Weakness Enumeration

Related Identifiers

Affected Products

References · 4