Css Validator
1 CVEs
product
Monthly
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF). Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XXE
SSRF
Css Validator
NVD
GitHub
CVSS 4.0
8.4
EPSS
0.2%
CVE-2025-1781
EPSS 0%
CVSS 8.4
HIGH
POC
This Week
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF). Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XXE
SSRF
Css Validator
NVD
GitHub