Roothub
Roothub versions up to 2.6 contain a reflected cross-site scripting (XSS) vulnerability in the SystemConfigAdminController Edit function that allows authenticated users to inject malicious scripts via the web interface. The vulnerability requires user interaction (clicking a malicious link) and authenticated access, limiting its practical impact despite network-accessible delivery. Publicly available exploit code exists, though real-world exploitation risk is low given the EPSS score of 0.06% and the authentication barrier.