CVE-2025-65858 | Calibre-Web 0.6.25 /ajax/listusers Username cross site scripting

December 2, 2025 Yanac

A vulnerability identified as problematic has been detected in Calibre-Web 0.6.25. This issue affects some unknown processing of the file /ajax/listusers. This manipulation of the argument Username causes cross site scripting.

This vulnerability appears as CVE-2025-65858. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-13295 | Argus BILGER up to 2.4.8 Message Identifier insertion of sensitive information into sent data
CVE-2025-41066 | Horde Groupware 5.2.22 /imp/attachment.php id/u information disclosure