CVE-2025-55126 | THREATINT

Description

HackerOne community member Dang Hung Vi (vidang04) has reported a stored XSS vulnerability involving the navigation box at the top of advertiser-related pages, with campaign names being the vector for the stored XSS

PUBLISHED Reserved 2025-08-07 | Published 2025-11-20 | Updated 2025-12-01 | Assigner hackerone

MEDIUM: 6.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Product status

6 (semver)

affected

6.0.3 (semver)

unaffected

References

hackerone.com/reports/3411750

cve.org (CVE-2025-55126)

nvd.nist.gov (CVE-2025-55126)

Download JSON