Interactive Content – H5P, CVE-2025-62951

CVE, Research URL: CVE-2025-62951
Home page URL: Security reports for Interactive Content – H5P
Application: Interactive Content – H5P
Published on: Oct 27, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icc0rz Interactive Content – H5P h5p allows Stored XSS.This issue affects Interactive Content – H5P: from n/a through <= 1.16.0.
Affected versions: max 1.16.0.
Status: vulnerable