CVE-2025-66024 | xwiki-contrib application-blog-ui up to 9.15.6 Blog Post Title cross site scripting (GHSA-h2xq-h7f9-vh6c)

A vulnerability categorized as problematic has been discovered in xwiki-contrib application-blog-ui up to 9.15.6. This impacts an unknown function of the component Blog Post Title Handler. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-66024. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More