PT-2026-21037 · Storyform · Storyform
Published
2026-02-20
·
Updated
2026-02-25
·
CVE-2025-53233
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
RylanH Storyform versions through 0.6.14
Description
The software contains a flaw due to improper neutralization of input during web page generation, specifically a Reflected Cross-site Scripting issue. This allows for the execution of malicious scripts through crafted input. The affected component is Storyform.
Recommendations
Versions prior to 0.6.14 should be updated.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Storyform