CVE-2025-23641
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Jan 16, 2025
CWE ID 79
Summary
CVE-2025-23641 is a Cross-Site Scripting (XSS) vulnerability affecting Thomas Ehrhardt Powie's pLinks PagePeeker. The issue, located within the web page generation process, allows attackers to inject malicious scripts into a victim's browser by exploiting DOM-Based XSS. This defect poses a significant risk as it can lead to data theft, session hijacking, and other malicious activities. The vulnerability affects pLinks PagePeeker versions from n/a through 1.0.2.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share