CVE Daily

CVE-2025-53865

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tr...

Medium CVSS 6.4

Overview

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates (devel and responsive).

CWE: CWE-79 Published: 2025-07-13T20:15:25.887
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.4 (MEDIUM)
  • Detected tags: xss (tag impact: MODERATE)

Recommended actions:

  • Apply context-aware output encoding.
  • Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags