← Zuruck zu CVEs
CVE-2025-41000
N/ABeschreibung
Cross-Frame Scripting (XFS) vulnerability in BoomCMS v9.1.4 from UXB London. XFS is a web attack technique that exploits specific browser bugs to spy on users via JavaScript. This type of attack is based on social engineering and depends entirely on the browser chosen by the user, so it is perceived as a minor threat to web application security. This vulnerability only works in older browsers.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht9/3/2025
Zuletzt geandert9/4/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-1021
Referenzen
https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-boomcms(cve-coordination@incibe.es)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.