Overview CVE-2025-65012 details a Cross-Site Scripting (XSS) vulnerability found in Kirby CMS, an open-source content management system. This vulnerability affects versions 5.0.0 through 5.1.3. An attacker could exploit this flaw to inject malicious code into the Kirby Panel, potentially compromising the accounts of other authenticated users. The attack requires user interaction from a separate Panel user to trigger the malicious code. This vulnerability is addressed in Kirby version 5.1.4. Technical Details The vulnerability stems from insufficient input sanitization when handling page titles and user names within the Kirby CMS Panel. An attacker with Panel access could change the title of…

Overview CVE-2025-64515 is a medium severity vulnerability affecting Open Forms, a platform for creating and publishing smart forms. The vulnerability allows malicious users to bypass intended readonly or disabled restrictions on form fields and potentially modify data they are not authorized to change. This occurs in forms where the prefill data fields are dynamically set to readonly/disabled. The vulnerability has been addressed in Open Forms versions 3.2.7 and 3.3.3. Users of earlier versions are strongly encouraged to upgrade to these patched versions. Technical Details The vulnerability stems from insufficient enforcement of readonly/disabled attributes on dynamically populated form fields. While the…

Overview This article discusses CVE-2025-64325, a security vulnerability identified in Emby Server, a personal media server application. The vulnerability resides in the handling of the X-Emby-Client header during authentication requests. A malicious actor can exploit this vulnerability to inject arbitrary, unsanitized data into the devices section of the Emby Server admin dashboard. Technical Details CVE-2025-64325 arises because Emby Server, in versions prior to 4.8.1.0 and Beta versions prior to 4.9.0.0-beta, does not properly sanitize the X-Emby-Client header value during the authentication process. When a user attempts to authenticate, the server processes the X-Emby-Client value, which is intended to identify the…

Published: 2025-11-18 Overview A critical security vulnerability, identified as CVE-2025-64324, has been discovered in KubeVirt, a virtual machine management add-on for Kubernetes. This vulnerability affects the `hostDisk` feature, potentially allowing attackers to read and write arbitrary files on the host system with elevated privileges. Technical Details The `hostDisk` feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a virtual machine. The vulnerability lies in the implementation of this feature, specifically within the `DiskOrCreate` option. A logic flaw allows a malicious actor to bypass intended security restrictions. By exploiting this flaw, an…

Overview CVE-2025-62406 details a high-severity vulnerability discovered in Piwigo, a popular open-source photo gallery application. Specifically, version 15.6.0 is susceptible to a Host header injection vulnerability in its password reset functionality. This flaw allows attackers to potentially compromise user accounts by crafting malicious password reset URLs. Technical Details The vulnerability resides within Piwigo’s password reset process. When a user requests a password reset, Piwigo sends an email containing a link to reset their password. The critical flaw is that the hostname used to construct this reset URL is directly derived from the HTTP request’s Host header. This header is supplied…

Overview CVE-2025-54990 is a medium-severity vulnerability affecting XWiki AdminTools versions prior to 1.1. This vulnerability allows users without administrative privileges to access the AdminTools.SpammedPages page, which should be restricted to administrators only. While the page doesn’t display any data to non-admin users, the unauthorized access itself poses a security risk. This issue has been addressed in AdminTools version 1.1. Technical Details The vulnerability stems from insufficient access control on the AdminTools.SpammedPages page within the XWiki AdminTools application. Prior to version 1.1, the view rights for this page were not exclusively limited to members of the XWikiAdminGroup. This oversight allows any…

Overview CVE-2025-63229 describes a reflected Cross-Site Scripting (XSS) vulnerability discovered in the web management interface of the Mozart FM Transmitter. This vulnerability affects version WEBMOZZI-00287 of the firmware. By crafting a malicious URL with a specific query parameter, attackers can inject arbitrary JavaScript code into the victim’s browser, potentially leading to sensitive data theft, session hijacking, or other malicious activities. Technical Details The vulnerability resides within the /main0.php endpoint of the Mozart FM Transmitter’s web interface. The m query parameter is vulnerable to reflected XSS. Specifically, user-supplied input provided through the ?m= parameter is not properly sanitized or encoded before…

Overview CVE-2025-63217 details a critical authentication bypass vulnerability affecting the Itel DAB MUX (IDMUX build c041640a). This vulnerability allows an attacker to reuse a valid JSON Web Token (JWT) obtained from one device to authenticate and gain administrative access to any other device running the same firmware. This is regardless of individual device passwords or network configurations. Successfully exploiting this vulnerability grants an attacker full compromise of the affected device. Technical Details The core issue lies in the improper JWT validation mechanism within the Itel DAB MUX firmware. Specifically, the device fails to properly verify the JWT’s intended audience or…

Overview CVE-2025-63216 describes a critical authentication bypass vulnerability affecting Itel DAB Gateways (IDGat build c041640a). This flaw stems from improper JWT (JSON Web Token) validation across different devices. An attacker can exploit this vulnerability by reusing a valid JWT token obtained from one Itel DAB Gateway to authenticate and gain administrative access to *any* other device running the same firmware. This effectively allows for a complete compromise of affected devices, regardless of individual passwords or network configurations. Technical Details The core issue lies in the flawed implementation of JWT validation within the Itel DAB Gateway’s firmware. Specifically, the device fails…

Overview CVE-2025-63215 identifies a critical Remote Code Execution (RCE) vulnerability found in the web-based management interface of Sound4 IMPACT devices. This flaw allows a remote attacker to execute arbitrary code on the device by exploiting a weakness in the firmware update mechanism. The vulnerability stems from the insufficient validation of the integrity of the `manual.sh` script during the firmware update process. Technical Details The Sound4 IMPACT firmware update process, when performed manually, lacks sufficient validation of the files included in the update package. Specifically, the `manual.sh` script, intended for performing specific configuration tasks during the update, is not adequately checked…