CVE-2025-0706 Information

Jan 25, 2025 cve

Description

A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/sys/admin.html. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore no version details of affected nor updated releases are available.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Reference

https://github.com/JoeyBling/bootplus/issues/28 https://github.com/JoeyBling/bootplus/issues/28 https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699 https://github.com/JoeyBling/bootplus/issues/28#issue-2786945699 https://vuldb.com/?ctiid.293234 https://vuldb.com/?id.293234 https://vuldb.com/?submit.480845

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

2.4

Share on: