Vulnerabilidades en indieweb

2 resultados

CVE-2025-14893MEDIUMIndieWeb <= 4.0.5 - Authenticated (Author+) Stored Cross-Site Scripting via 'Telephone' ParameterEPSS 0.2%CVE-2025-12028HIGHIndieAuth <= 4.5.4 - Cross-Site Request Forgery to Account Takeover via Stolen OAuth TokensEPSS 0.2%