Cross-Site Scripting Vulnerability in ChangeDetection.io by dgtlmoon
CVE-2025-52558

7HIGH

Key Information:

Vendor: Dgtlmoon
Status: Changedetection.io
Vendor: CVE Published:; 23 June 2025

What is CVE-2025-52558?

The web page change detection service, ChangeDetection.io, had a significant vulnerability prior to version 0.50.4 whereby filters from webpage change detection notices were not appropriately validated. This oversight allowed attackers to inject malicious scripts, potentially leading to unauthorized access or data theft. The issue has since been rectified in the latest release, underscoring the importance of keeping software updated to mitigate exposure to vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

changedetection.io < 0.50.4

References

https://github.com/dgtlmoon/changedetection.io/security/a...

x_refsource_CONFIRM

https://github.com/dgtlmoon/changedetection.io/commit/3d5...

x_refsource_MISC

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Jun 18, 2025

JSON

Dgtlmoon