CVE-2025-68115 | parse-server up to 8.6.0 cross site scripting (GHSA-jhgf-2h8h-ggxv)

December 16, 2025 Yanac

A vulnerability was found in parse-server up to 8.6.0. It has been classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2025-68115. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More

CVE-2025-67715 | weblate up to 5.14 API access control (GHSA-3pmh-24wp-xpf4)
CVE-2025-9121 | Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard deserialization