Security Advisory

CVE-2025-45314

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-13 00:00:00

Last updated 2025-08-13 20:26:56

Assigner mitre

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in the /Calendar endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a users browser via a crafted payload injected into the add function.

← Browse all CVEs View on cve.org ↗