Bitplatform Boilerplate has cross-site scripting vulnerability_CVE-2025-64710

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting (XSS) vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web applications. Applications based on this Bitplatform Boilerplate might also be vulnerable. Version 9.11.3 fixes the issue.

Basic Information

ID CVE-2025-64710

Source GitHub_M

Published Nov 13, 2025 at 01:40

Affected Product

Vendor bitfoundation

Product bitplatform

Version < 9.11.3

Affected Versions bitfoundation bitplatform < 9.11.3

CWE Classification

CWE-79

References

github.com /bitfoundation/bitplatform/security/advisories/GHSA-rv95-xj37-7c3w

{
    "lastseen": "",
    "description": "Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting (XSS) vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web applications. Applications based on this Bitplatform Boilerplate might also be vulnerable. Version 9.11.3 fixes the issue.",
    "published": "2025-11-13T01:40:55.653Z",
    "modified": "2025-11-13T01:40:55.653Z",
    "type": "cve",
    "title": "Bitplatform Boilerplate has cross-site scripting vulnerability",
    "source": "GitHub_M",
    "references": "https://github.com/bitfoundation/bitplatform/security/advisories/GHSA-rv95-xj37-7c3w",
    "id": "CVE-2025-64710",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "bitfoundation bitplatform < 9.11.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "bitplatform",
    "version": "< 9.11.3",
    "vendor": "bitfoundation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}