VYPR
Low severityOSV Advisory· Published May 15, 2025· Updated Jun 17, 2026

CVE-2025-47929

CVE-2025-47929

Description

DumbDrop, a file upload application that provides an interface for dragging and dropping files, has a DOM cross-site scripting vulnerability in the upload functionality prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b. A user could be tricked into uploading a file with a malicious payload. Commit db27b25372eb9071e63583d8faed2111a2b79f1b fixes the vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dumbwareio/DumbdropOSV2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <db27b25372eb9071e63583d8faed2111a2b79f1b

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.