VYPR
Medium severity6.1OSV Advisory· Published Jul 17, 2025· Updated Apr 15, 2026

CVE-2025-53941

CVE-2025-53941

Description

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Fedify Dev/HolloOSV2 versions
    0.1.0, 0.2.0, 0.3.0, …+ 1 more
    • (no CPE)range: 0.1.0, 0.2.0, 0.3.0, …
    • (no CPE)range: <0.6.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.