CVE-2025-55291 Information
Aug 19, 2025
cve
Description
Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0 the input string in the cloud tag page is not properly sanitized. This allows the tag to be prematurely closed leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0.
Reference
https://github.com/shaarli/Shaarli/commit/66faa61335a6e72184be64092ff1242ffa4fe5b6 https://github.com/shaarli/Shaarli/security/advisories/GHSA-7w7w-pw4j-265h
Related CNNVD
CNNVD-202508-2037 (Published: 2025-08-18)
Share on: