We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-47204



Description

An issue was discovered in post.php in bootstrap-multiselect (aka Bootstrap Multiselect) 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting (XSS) vulnerability exploitable through Cross-Site Request Forgery (CSRF).

Reserved 2025-05-02 | Published 2025-05-13 | Updated 2025-05-14 | Assigner mitre

References

github.com/davidstutz/bootstrap-multiselect/releases

github.com/...ommit/11e1a6c11d3954f44acfb0274b6dad4bd8045103

cve.org (CVE-2025-47204)

nvd.nist.gov (CVE-2025-47204)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-47204

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.