Vulnerabilities

CVE-2025-60646

by Fred · 12/11/2025

A stored cross-site scripting (XSS) in the Business Line Management module of Xxl-api v1.3.0 attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.

More information : https://gist.github.com/LockeTom/0a02c0b2e2011abfbdf4e5fdbcc9b371

Similar

Tags: Cybersecurity Alert