Home

Description

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js.

PUBLISHED Reserved 2025-08-07 | Published 2025-08-07 | Updated 2025-08-08 | Assigner mitre




MEDIUM: 6.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Product status

Default status
unaffected

Any version before b087490042cb131963b524d0f86511a63a7ff085
affected

References

github.com/agorafoundation/agora/pull/556

github.com/...ommit/b087490042cb131963b524d0f86511a63a7ff085

github.com/...ulnerability-research/tree/main/CVE-2025-55134

cve.org (CVE-2025-55134)

nvd.nist.gov (CVE-2025-55134)

Download JSON