216.73.217.64

CVE-2025-53941

· Published 17/07/2025 14:15 · Modified 17/07/2025 21:15

Labels: CVE-2025-53941 2025-07-17CVE-2025-53941CWE-79[email protected]

Essential information

Published
17/07/2025 14:15
Modified
17/07/2025 21:15
Author
Creator
CVSS
6.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
hollo / hollo cpe:2.3:a:hollo:hollo:<0.6.5:*:*:*:*:*:*:*

References