Cross-site Scripting Vulnerability in Melipayamak by Melipayamak
CVE-2025-30940

5.9 MEDIUM

Key Information:

Vendor: WordPress
CVE Published: 6 June 2025

Badges

👾 Exploit Exists
📰 News Worthy

What is CVE-2025-30940?

The Melipayamak platform is impacted by a severe Cross-site Scripting (XSS) vulnerability that arises from improper neutralization of input during web page generation. This weakness allows attackers to inject malicious scripts, potentially compromising user data and web application security. All versions up to and including 2.2.12 are affected. Malicious users can exploit this flaw to cause stored XSS, which can affect sensitive user interactions and data integrity.

Affected Version(s)

Melipayamak <= 2.2.12

News Articles

CVE-2025-30940: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in melipayamak Melipayamak - Live Threat Intelligence - Threat Radar | OffSeq.com

1 week ago

CVSS V3.1

Score: 5.9
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • 📰 First article discovered by OffSeq

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan (Patchstack Alliance)