Rivek619/CVE-2025-65675

Releases0

Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures. Discovered by - Rivek Raj Tamang (RivuDon), Sikkim, India.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65675 ↗	Nov 26, 2025Wednesday, 26 November 2025, 19:15	5.4 MEDIUM	—
Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures.