CodePen Embed Block, CVE-2025-50023

CVE, Research URL: CVE-2025-50023
Home page URL: Security reports for CodePen Embed Block
Application: CodePen Embed Block
Published on: Jun 20, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embed Block allows Stored XSS. This issue affects CodePen Embed Block: from n/a through 1.1.1.
Affected versions: Min -, max 1.1.1.
Status: vulnerable