{"id":68326,"date":"2025-08-18T22:31:44","date_gmt":"2025-08-18T19:01:44","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-55288-genealogy-php-authenticated-reflected-cross-site-scripting-xss-vulnerability\/"},"modified":"2025-08-18T22:31:44","modified_gmt":"2025-08-18T19:01:44","slug":"cve-2025-55288-genealogy-php-authenticated-reflected-cross-site-scripting-xss-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-55288-genealogy-php-authenticated-reflected-cross-site-scripting-xss-vulnerability\/","title":{"rendered":"CVE-2025-55288 &#8211; Genealogy PHP Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-55288<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 18, 2025, 5:15 p.m. | 56\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Genealogy is a family tree PHP application. Prior to 4.4.0, an Authenticated Reflected Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user\u2019s session, leading to session hijacking, data theft, and UI manipulation. This vulnerability is fixed in 4.4.0.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 5.5 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-55288 Published : Aug. 18, 2025, 5:15 p.m. | 56\u00a0minutes ago Description : Genealogy is a family tree PHP application. Prior to 4.4.0, an Authenticated Reflected Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. 
Authenticated attackers could run arbitrary JavaScript in another user\u2019s session, leading to session hijacking, data theft, and &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-68326","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=68326"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68326\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=68326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=68326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=68326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}