CVE-2025-53234

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions AndonDesign UDesign Core versions through 4.14.0

Description A Reflected Cross-site Scripting (XSS) issue exists in AndonDesign UDesign Core u-design-core. This occurs due to improper neutralization of input during web page generation. The issue allows for the injection of malicious scripts through vulnerable parameters. The API endpoints and vulnerable parameters were not specified in the provided information.

Recommendations Update to a version of AndonDesign UDesign Core greater than 4.14.0.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-53234

Affected Products

Udesign Core

CVE-2025-53234

Weakness Enumeration

Related Identifiers

Affected Products

References · 5