Seafile

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-41080 MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parámetro 'p' in '/api/v2.1/repos/{repo_id}/file/'.

XSS RCE Debian Seafile Redhat

NVD

CVSS 3.1

6.1

EPSS

0.0%

CVE-2025-41079 MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with PUT parámetro 'name' in '/api/v2.1/user/'.

XSS RCE Debian Seafile Redhat

NVD

CVSS 3.1

6.1

EPSS

0.0%

CVE-2025-41080

EPSS 0% CVSS 6.1

MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parámetro 'p' in '/api/v2.1/repos/{repo_id}/file/'.

XSS RCE Debian +2

NVD

CVE-2025-41079

EPSS 0% CVSS 6.1

MEDIUM This Month

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with PUT parámetro 'name' in '/api/v2.1/user/'.

XSS RCE Debian +2

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy