CVE-2025-40642 | WebWork Parameter /search q/engine cross site scripting

September 8, 2025 Yanac

A vulnerability classified as problematic was found in WebWork. Impacted is an unknown function of the file /search of the component Parameter Handler. The manipulation of the argument q/engine results in cross site scripting.

This vulnerability is cataloged as CVE-2025-40642. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-40641 | Multi-Purpose Inventory Management System Non-defining Query update product_name cross site scripting
CVE-2025-3212 | Arm Bifrost GPU Kernel Driver use after free