Vulnerabilities and Security Researches

Astra Widgets, CVE-2025-68497

CVE, Research URL: CVE-2025-68497
Home page URL: Security reports for Astra Widgets
Application: Astra Widgets
Published on: Dec 24, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through <= 1.2.16.
Affected versions: max 1.2.16.
Status: vulnerable