Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject arbitrary JavaScript code on the user's browser via the Group name and Project Description input fields.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:NExplorance Blue
APPExplorance8.1.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
Related vulnerabilities
CVE-2025-57792CRITICAL10.0PL ✓ten sam produkt
SQL Injection bez uwierzytelnienia w Explorance Blue (CVE-2025-57792)
CVE-2025-57794CRITICAL9.1PL ✓ten sam produkt
RCE przez unrestricted file upload w Explorance Blue (panel admina)
CVE-2025-57795CRITICAL9.9PL ✓ten sam produkt
RCE przez podatny upload plików w Explorance Blue (CVE-2025-57795)
CVE-2025-57793HIGH8.6ten sam produkt
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validati...
CVE-2025-57796MEDIUM6.8ten sam produkt
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to p...