V
Vexday
by TrueHacking
›
PT
ES
EN
Overview
CVEs
Technologies
Vendors
Weakness types
Briefing
Live
Home
/
Technologies
/
indieweb
Vulnerabilities in
indieweb
2 results
CVE-2025-14893
MEDIUM
IndieWeb <= 4.0.5 - Authenticated (Author+) Stored Cross-Site Scripting via 'Telephone' Parameter
EPSS
0.2%
CVE-2025-12028
HIGH
IndieAuth <= 4.5.4 - Cross-Site Request Forgery to Account Takeover via Stolen OAuth Tokens
EPSS
0.2%