CVE-2025-46383 — CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cros... | CVE Daily

Medium CVSS 6.1

Overview

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

CWE: CWE-79 Published: 2025-07-20T15:15:24.183

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.1 (MEDIUM)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags

Cross-site Scripting (XSS)