Security Advisory

CVE-2025-41079

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 11:48:10

Last updated 2025-12-04 14:44:00

Assigner INCIBE

State PUBLISHED

Description

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victims browser by storing malicious payloads with PUT parámetro name in /api/v2.1/user/.

← Browse all CVEs View on cve.org ↗