CVE Details
Basic Information
| Title | CVE-2025-23988 |
|---|---|
| Type | cve |
| Published | 2025-05-19T16:15:27 |
| Last Seen | 2025-05-19T16:18:33 |
CVSS Information
| Base Score | 7.1 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A reflected XSS vulnerability in Bruno Cavalcante’s Ghostwriter allows attackers to inject malicious scripts, potentially stealing user session data or redirecting users to malicious sites. This issue is moderately severe due to its impact on user sessions. |
|---|---|
| AI Severity | High |
| Vendor | Bruno Cavalcante |
| Product | Ghostwriter |
| Affected Version | Unspecified |
Additional Information
| CVE List | CVE-2025-23988 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS. This issue affects Ghostwriter: from…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)