XSS Vulnerability in Topkapi Spreadsheet View by Areal
CVE-2025-1434

6.1MEDIUM

Key Information:

Vendor: Areal Sas
Status: Topkapi Vision Webserv2
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-1434?

Areal's Topkapi Spreadsheet view is susceptible to an XSS vulnerability that enables remote unauthorized attackers to manipulate and read limited values within the spreadsheet. Although this issue allows for potential exploitation, it does not compromise confidential information, system settings, or functionality of other spreadsheets. Users should remain vigilant and monitor updates to mitigate possible attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Topkapi Vision Webserv2 1.0.0 <= 6.2.5474

References

https://www.areal-topkapi.com/en/topkapi/security-bulletins

vendor-advisory

https://www.areal-topkapi.com/topkapi/bulletins-de-securite

vendor-advisory

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Feb 18, 2025

JSON

Areal Sas