CVE-2025-22388 – Optimizely EPiServer.CMS.Core Stored Cross-Site Scripting (XSS) Vulnerability

1月 4, 2025
3:16 am

CVE ID : CVE-2025-22388

Published : Jan. 4, 2025, 2:15 a.m. | 1 hour, 1 minute ago

Description : An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting (XSS) vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or executing unauthorized actions. The issue exists in multiple areas, including content editing, link management, and file uploads.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-22388 – Optimizely EPiServer.CMS.Core Stored Cross-Site Scripting (XSS) Vulnerability

Elvescore.io

Recent Posts

CVE-2025-0230 – “Code-Projects Responsive Hotel Site SQL Injection”

CVE-2025-0229 – “Code-projects Travel Management System SQL Injection Vulnerability”

CVE-2025-0228 – Code-projects Local Storage Todo App Cross Site Scripting Vulnerability

CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure

CVE-2025-0227 – Tsinghua Unigroup Electronic Archives System File Path Information Disclosure Vulnerability

CVE-2025-0224 – Provision-ISR SH Series/NGVR5-8200PX JavaScript File Information Disclosure Vulnerability

CVE-2025-22388 – Optimizely EPiServer.CMS.Core Stored Cross-Site Scripting (XSS) Vulnerability

CVE-2025-22388 – Optimizely EPiServer.CMS.Core Stored Cross-Site Scripting (XSS) Vulnerability