CVE-2025-51488

Published
View on NVD ↗
CVSS v3
4.9
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

A Stored Cross-Site Scripting (XSS) vulnerability exists in MoonShine version < 3.12.4, allowing remote attackers to store and execute arbitrary JavaScript by including a malicious HTML payload in the Name parameter when creating a new Admin.

GiacoLenzo2109/MoonShine_Software_PoCs
GiacoLenzo2109/MoonShine_Software_PoCs
GitHubGitHub
moonshine-software/moonshine
moonshine-software/moonshine
Laravel Admin panel and more. Simple for beginners and powerful for experts. Using Blade, Alpine.js and Tailwind CSS.
GitHubGitHub
1.1K