CVE-2025-10340 | WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3 Commit Message change_log.php cross site scripting

A vulnerability categorized as problematic has been discovered in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/change_log.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross site scripting.

This vulnerability appears as CVE-2025-10340. The attack may be performed from remote. In addition, an exploit is available.

This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.VulDB Recent EntriesRead More