Description

OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in <script> tags may be interpreted and executed as HTML in certain modes. This leads to a stored XSS vulnerability. This issue has been patched in version 4.0.0-rc.4.

INFO

Published Date :

2025-06-19T02:20:32.618Z

Last Modified :

2025-06-23T16:57:37.085Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-50183 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-50183.

URL Resource
https://github.com/OpenListTeam/OpenList-Frontend/commit/7b5ed20c608c7b9b36d1950a386678e0a89f8175 cve-icon cve-icon
https://github.com/OpenListTeam/OpenList/security/advisories/GHSA-2hw3-h8qx-hqqp cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact