- Description
- An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.
- Source
- cve@gitlab.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.6
- Impact score
- 4.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
- Severity
- HIGH
- cve@gitlab.com
- CWE-79
- Hype score
- Not currently trending
CVE-2025-5990 (CVSS:7.6, HIGH) is Awaiting Analysis. An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a ..https://t.co/acfCQZcS9x #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
20 Jun 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5990 (CVSS:7.6, HIGH) is Awaiting Analysis. An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a ..https://t.co/acfCQZckjZ #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
19 Jun 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5990 An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored… https://t.co/K5CMAUmxon
@CVEnew
15 Jun 2025
879 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes