- Description
- A stored Cross-site Scripting (XSS) vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker can inject malicious scripts. When the modified HTML is shared with another user, the XSS payload executes, potentially leading to the theft of user prompt history and other sensitive information.
- Source
- security@huntr.dev
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- security@huntr.dev
- CWE-79
- Hype score
- Not currently trending
CVE-2025-0192 A stored Cross-site Scripting (XSS) vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an at… https://t.co/i9YUzrT2L9
@CVEnew
20 Mar 2025
251 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[SYSTEM ALERT: Unauthorized access detected] [CONNECTION ESTABLISHED - SECURE FEED OVERRIDE ACTIVE] > INITIATING TARGET ACQUISITION... > RUNNING: breach_protocol --target pm_private--port 443 --exploit CVE-2025-0192 > BYPASSING FIREWALL: AES-256 encryption cracked [SUCC
@KallasteLiina
11 Mar 2025
493 Impressions
0 Retweets
8 Likes
0 Bookmarks
0 Replies
1 Quote
Starting off 2025 strong with CVE-2025-0192! https://t.co/a1XIjsKPtN
@alfinjose_
21 Jan 2025
1895 Impressions
2 Retweets
39 Likes
6 Bookmarks
7 Replies
0 Quotes