CVE-2025-23480
published 2025-03-03CVE-2025-23480: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MicahBlu RSVP ME rsvp-me allows Stored XSS.This issue…
PriorityP426medium6.5CVSS 3.1
AVNACLPRLUIRSCCLILAL
EPSS
0.24%
14.9th percentile
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MicahBlu RSVP ME rsvp-me allows Stored XSS.This issue affects RSVP ME: from n/a through <= 1.9.9.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| micahblu | rsvp_me | <= 1.9.9 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-61985 openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
bugzilla·2025-10-06·CVSS 3.6
CVE-2025-61985 [LOW] CVE-2025-61985 openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
CVE-2025-61985 openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2025:23479 https://access.redhat.com/errata/RHSA-2025:23479
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:23480 https://access.redhat.com/errata/RHSA-2025:23480
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2025:23481 https://access.redhat.com/errata/RHSA-2025:23481
---
This issue has been addressed in the following products:
Bugzilla
CVE-2025-61984 openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
bugzilla·2025-10-06·CVSS 3.6
CVE-2025-61984 [LOW] CVE-2025-61984 openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
CVE-2025-61984 openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2025:23479 https://access.redhat.com/errata/RHSA-2025:23479
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:23480 https://access.red
2025-03-03
Published