Floating Window Music Player, CVE-2025-48104

CVE, Research URL: CVE-2025-48104
Home page URL: Security reports for Floating Window Music Player
Application: Floating Window Music Player
Published on: Sep 05, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player allows Stored XSS. This issue affects Floating Window Music Player: from n/a through 3.4.2.
Affected versions: Min -, max 3.4.2.
Status: vulnerable