CVE-2025-65465

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

A reflected Cross-Site Scripting (XSS) vulnerability in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier allows remote attackers to execute arbitrary web script or HTML via a crafted payload in a filename parameter (e.g., to the FileRead function). This occurs because the error message is not properly sanitized before being output to the user. This vulnerability is fixed in version 2.18.

Skrol29/opentbs
Skrol29/opentbs
With OpenTBS you can merge OpenOffice - LibreOffice and Ms Office documents with PHP using the TinyButStrong template engine. Simple use OpenOffice - LibreOffice or Ms Office to edit your templates : DOCX, XLSX, PPTX, ODT, OSD, ODP and other formats. That is the Natural Template philosophy.
GitHubGitHub
82
Skrol29/tbszip
Skrol29/tbszip
TbsZip is a simple PHP class that helps to work with zip archives. You can create a new archive, or virtually read and modify an existing one. It needs no exe file and makes no temporary files.
GitHubGitHub
6