Unrated severityNVD Advisory· Published Nov 19, 2025· Updated Nov 20, 2025
CVE-2025-51662
CVE-2025-51662
Description
A stored cross-site scripting (XSS) vulnerability is found in the text sharing feature of FileCodeBox version 2.2 and earlier. Insufficient input validation allows attackers to inject arbitrary JavaScript code into shared text "codeboxes". The xss payload is automatically executed in the browsers of any users who try to access the infected codebox by clicking link or entering share code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=2.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.