CVE-2025-45806

Published April 9th, 2026

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

rrweb-io/rrweb

record and replay the web

GitHub

19.7K