Vulnerabilities

CVE-2025-5990

by Fred · 15/06/2025

An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.

Assigner : cve@gitlab.com

More information : https://gitlab.com/crafty-controller/crafty-4/-/issues/567

Similar

Tags: Cybersecurity Alert