CVE-2025-23742

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Feb 14, 2025

CWE ID 79

Summary

CVE-2025-23742 is a Cross-site Scripting (XSS) vulnerability affecting Podamibe Twilio Private Call from version n/a through 1.0.1. Malicious scripts can be injected into the webpage generation process, potentially allowing attackers to steal user data or take control of their browsing sessions when they visit a specially crafted malicious website. This issue occurs due to improper neutralization of user inputs, making it essential for affected users to update their software to the latest version and practice safe browsing habits.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2hZxjJ
https://www.cve.org/CVERecord?id=CVE-2025-23742
https://nvd.nist.gov/vuln/detail/CVE-2025-23742

Back to Vulnerability Database

CVE-2025-23742

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations