{"id":68325,"date":"2025-08-18T22:31:40","date_gmt":"2025-08-18T19:01:40","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-55291-shaarli-reflected-cross-site-scripting-xss\/"},"modified":"2025-08-18T22:31:40","modified_gmt":"2025-08-18T19:01:40","slug":"cve-2025-55291-shaarli-reflected-cross-site-scripting-xss","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-55291-shaarli-reflected-cross-site-scripting-xss\/","title":{"rendered":"CVE-2025-55291 &#8211; Shaarli Reflected Cross-Site Scripting (XSS)"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-55291<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 18, 2025, 5:15 p.m. | 56\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allows the &lt;\/title&gt; tag to be prematurely closed, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 7.1 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-55291 Published : Aug. 18, 2025, 5:15 p.m. | 56\u00a0minutes ago Description : Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. 
This allows the &lt;\/title&gt; tag to be prematurely closed, leading to a reflected Cross-Site Scripting &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-68325","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68325","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=68325"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68325\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=68325"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=68325"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=68325"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}