devaslanphp CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

devaslanphp vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to devaslanphp, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-52203 A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are subsequently stored in the database. When a legitimate user logs in and is redirected to the Dashboard panel "automatically upon authentication the malicious script executes in the user's browser conte [email protected] 7.6 0.26% 2025-07-31 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence