CVE-2025-60298

Alias:

Overview

Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and ex...

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date:

Authentication required: NoneYes

Attack Vector: None

CVE-2025-60298

Overview

Affected Components

Kodem Deep Dive

Stop the waste.
Protect your environment with Kodem.

CVE-2025-60298

Overview

Affected Components

Kodem Deep Dive

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.