Stored Cross-Site Scripting Vulnerability in Flatboard Pro by Flatboard
CVE-2025-40722
5.1MEDIUM
What is CVE-2025-40722?
Flatboard Pro prior to version 3.2.2 is susceptible to a stored Cross-Site Scripting (XSS) vulnerability. This flaw arises from insufficient validation of user input in the replace parameter located in /config.php/tags. Attackers could exploit this vulnerability to inject malicious scripts, potentially compromising user data and invoking unwanted actions within the application.
Affected Version(s)
Flatboard 0 < 3.2.2