VYPR
High severity7.1OSV Advisory· Published Aug 18, 2025· Updated Apr 15, 2026

CVE-2025-55291

CVE-2025-55291

Description

Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allows the tag to be prematurely closed, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Shaarli/ShaarliOSV2 versions
    0.5.3, help, v0.0.40beta, …+ 1 more
    • (no CPE)range: 0.5.3, help, v0.0.40beta, …
    • (no CPE)range: < 0.15.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.