1 results (0.001 seconds)
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 1
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 1CVE-2025-2699 – GetmeUK ContentTools Image cross site scripting
https://notcve.org/view.php?id=CVE-2025-2699
24 Mar 2025 — A vulnerability was found in GetmeUK ContentTools up to 1.6.16. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Image Handler. The manipulation of the argument onload leads to cross site scripting. The attack may be launched remotely. • https://gist.github.com/Masamuneee/657f2e2b0eb5bf9b0d4dbb79f00dac37 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •