soerennb eXtplorer Filename cross site scripting_CVE-2025-13058

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X

Description

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as 002def70b985f7012586df2c44368845bf405ab3. Applying a patch is advised to resolve this issue.

Basic Information

ID CVE-2025-13058

Source VulDB

Published Nov 12, 2025 at 19:32

Modified Nov 12, 2025 at 21:03

Affected Product

Vendor soerennb

Product eXtplorer

Version 2.1.0

Affected Versions soerennb eXtplorer 2.1.0
soerennb eXtplorer 2.1.1
soerennb eXtplorer 2.1.2
soerennb eXtplorer 2.1.3
soerennb eXtplorer 2.1.4
soerennb eXtplorer 2.1.5
soerennb eXtplorer 2.1.6
soerennb eXtplorer 2.1.7
soerennb eXtplorer 2.1.8
soerennb eXtplorer 2.1.9
soerennb eXtplorer 2.1.10
soerennb eXtplorer 2.1.11
soerennb eXtplorer 2.1.12
soerennb eXtplorer 2.1.13
soerennb eXtplorer 2.1.14
soerennb eXtplorer 2.1.15

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as 002def70b985f7012586df2c44368845bf405ab3. Applying a patch is advised to resolve this issue.",
    "published": "2025-11-12T19:32:06.630Z",
    "modified": "2025-11-12T21:03:16.987Z",
    "type": "cve",
    "title": "soerennb eXtplorer Filename cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332185\nhttps://vuldb.com/?ctiid.332185\nhttps://vuldb.com/?submit.682370\nhttps://github.com/soerennb/extplorer/issues/33\nhttps://github.com/soerennb/extplorer/commit/002def70b985f7012586df2c44368845bf405ab3",
    "id": "CVE-2025-13058",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "soerennb eXtplorer 2.1.0\nsoerennb eXtplorer 2.1.1\nsoerennb eXtplorer 2.1.2\nsoerennb eXtplorer 2.1.3\nsoerennb eXtplorer 2.1.4\nsoerennb eXtplorer 2.1.5\nsoerennb eXtplorer 2.1.6\nsoerennb eXtplorer 2.1.7\nsoerennb eXtplorer 2.1.8\nsoerennb eXtplorer 2.1.9\nsoerennb eXtplorer 2.1.10\nsoerennb eXtplorer 2.1.11\nsoerennb eXtplorer 2.1.12\nsoerennb eXtplorer 2.1.13\nsoerennb eXtplorer 2.1.14\nsoerennb eXtplorer 2.1.15",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "eXtplorer",
    "version": "2.1.0",
    "vendor": "soerennb",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}