Cross-Site Scripting Vulnerability in Woobox by Woobox
CVE-2025-47675
6.5MEDIUM
What is CVE-2025-47675?
A cross-site scripting vulnerability exists in Woobox that allows attackers to execute arbitrary JavaScript in the context of a user's session. This flaw arises from improper handling of user input during web page generation, specifically leading to DOM-Based XSS. Affected versions include all prior to 1.6, exposing users to potential exploitation.
Affected Version(s)
Woobox <= 1.6