Security Advisory

CVE-2025-29594

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-07 00:00:00

Last updated 2025-04-08 13:25:42

Assigner mitre

State PUBLISHED

Description

A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $_GET[errorcode] parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scripting (XSS) attacks and information disclosure.

← Browse all CVEs View on cve.org ↗