CVE-2025-50592 — Cross site scripting vulnerability in seacms before 13.2 via the vid parameter t... | CVE Daily

Medium CVSS 5.4

Overview

Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player.

CWE: CWE-79 Published: 2025-08-05T20:15:37.350

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.4 (MEDIUM)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags

Cross-site Scripting (XSS)