Htmly

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-56154 MEDIUM This Month

htmly v3.0.8 is vulnerable to Cross Site Scripting (XSS) in the /author/:name endpoint of the affected application. The name parameter is not properly sanitized before being reflected in the HTML response, allowing attackers to inject arbitrary JavaScript payloads.

XSS Htmly
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-10758 MEDIUM POC This Month

A security vulnerability has been detected in htmly up to 3.1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Htmly
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-56154
EPSS 0% CVSS 6.1
MEDIUM This Month

htmly v3.0.8 is vulnerable to Cross Site Scripting (XSS) in the /author/:name endpoint of the affected application. The name parameter is not properly sanitized before being reflected in the HTML response, allowing attackers to inject arbitrary JavaScript payloads.

XSS Htmly
NVD GitHub
CVE-2025-10758
EPSS 0% CVSS 4.8
MEDIUM POC This Month

A security vulnerability has been detected in htmly up to 3.1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Htmly
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy