Skip to main content

Webssh

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-7885 PyPI LOW POC PATCH Monitor

Reflected cross-site scripting in Huashengdun WebSSH up to version 1.6.2 allows remote attackers to inject malicious scripts via the hostname or port parameters on the login page, requiring user interaction to trigger. The vulnerability has a low CVSS score of 2.1 due to user interaction requirement and limited impact (integrity only), but publicly available exploit code exists and the vendor has not responded to disclosure attempts.

XSS Webssh
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7885 PyPI
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Reflected cross-site scripting in Huashengdun WebSSH up to version 1.6.2 allows remote attackers to inject malicious scripts via the hostname or port parameters on the login page, requiring user interaction to trigger. The vulnerability has a low CVSS score of 2.1 due to user interaction requirement and limited impact (integrity only), but publicly available exploit code exists and the vendor has not responded to disclosure attempts.

XSS Webssh
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy