CVE-2025-4379
Our Analysis: General-Purpose
Our model has classified this vulnerability as relevant to General-Purpose Systems, helping your team prioritize efforts effectively.
Published Date
May 23, 2025
Last Modified
May 23, 2025
CVSS Vector
Not Available
Description
DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened.
A hotfix for affected versions was released on 29.04.2025. It removes the vulnerability without incrementing the version.