Cross Site Scripting Vulnerability in Open Source Social Network by Open Source Social Network
CVE-2025-63441
7.3 HIGH
What is CVE-2025-63441?
Open Source Social Network (OSSN) version 8.6 is susceptible to a Cross Site Scripting (XSS) attack through the param parameter at the u/administrator/friends endpoint. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users, potentially compromising sensitive user information and session tokens. Users and administrators should implement security measures to mitigate the risks associated with this vulnerability.
