Security Advisory

CVE-2025-1983

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-16 12:36:53

Last updated 2025-04-16 14:07:01

Assigner CERT-PL

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in Ready_s File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file.

← Browse all CVEs View on cve.org ↗