Untriaged
Permalink
CVE-2025-28855
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Teleport plugin <= 1.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Teleport allows Reflected XSS. This issue affects Teleport: from n/a through 1.2.4.
References
Affected products
teleport
- =<1.2.4
Matching in nixpkgs
pkgs.teleport_16
Certificate authority and access plane for SSH, Kubernetes, web applications, and databases
-
nixos-unstable -
- nixpkgs-unstable 16.5.15
pkgs.teleport_17
Certificate authority and access plane for SSH, Kubernetes, web applications, and databases
-
nixos-unstable -
- nixpkgs-unstable 17.7.3
pkgs.teleport_18
Certificate authority and access plane for SSH, Kubernetes, web applications, and databases
-
nixos-unstable -
- nixpkgs-unstable 18.2.0
pkgs.lomiri.teleports
Ubuntu Touch Telegram client
-
nixos-unstable -
- nixpkgs-unstable 1.21
pkgs.obs-studio-plugins.obs-teleport
OBS Studio plugin for an open NDI-like replacement
-
nixos-unstable -
- nixpkgs-unstable 0.7.5
Package maintainers
-
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
-
@JuliusFreudenberger Julius Freudenberger
-
@freezeboy freezeboy
-
@arianvp Arian van Putten <arian.vanputten@gmail.com>
-
@techknowlogick techknowlogick <techknowlogick@gitea.com>
-
@sigma Yann Hodique <yann.hodique@gmail.com>
-
@tomberek Thomas Bereknyei <tomberek@gmail.com>
-
@justinas Justinas Stankevičius <justinas@justinas.org>