PT-2025-39584 · Unknown · The Tribal

Nabil Irawan

Published

2025-09-26

Updated

2025-09-26

CVE-2025-60141

CVSS v3.1

5.9

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

**Name of the Vulnerable Software and Affected Versions**

The Tribal versions through 1.3.3

**Description**

The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting (XSS) issue. This allows for the injection of malicious scripts into web pages viewed by other users. The vulnerability is of type Stored XSS, meaning the malicious script is permanently stored on the target server.

**Recommendations**

Update The Tribal to a version later than 1.3.3.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-60141

Affected Products

The Tribal

PT-2025-39584 · Unknown · The Tribal

Weakness Enumeration

Related Identifiers

Affected Products

References · 3