CVE-2025-63499 | THREATINT

Description

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.

PUBLISHED Reserved 2025-10-27 | Published 2025-12-04 | Updated 2025-12-05 | Assigner mitre

References

github.com/poblaguev-tot/CVE-2025-63499 exploit

github.com/poblaguev-tot/CVE-2025-63499

email.example.com/...iPt%20%3Ealert%289998%29%3C%2FScRiPt%3E

cve.org (CVE-2025-63499)

nvd.nist.gov (CVE-2025-63499)

help @ threatint.eu