CVE-2025-51488

Publication date

2025-08-19 00:00:00

Family

mitre

State

PUBLISHED

Description

A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.4, allowing remote attackers to store and execute arbitrary JavaScript by including a malicious HTML payload in the Name parameter when creating a new Admin.