Medium severity6.1NVD Advisory· Published May 2, 2025· Updated Jun 17, 2026
CVE-2025-2488
CVE-2025-2488
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting (XSS).
This issue affects SambaBox: before 5.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<5.1+ 1 more
- (no CPE)range: <5.1
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
3- www.usom.gov.tr/bildirim/tr-25-0101nvdThird Party Advisory
- sambabox.io/2025/04/14/version-5-1/nvdProductRelease Notes
- siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0101nvd
News mentions
0No linked articles in our index yet.