CVE-2025-53941

Hollo is single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue.
Configurations

No configuration.

History

17 Jul 2025, 15:15

Type | Values Removed | Values Added
References | () https://github.com/fedify-dev/hollo/security/advisories/GHSA-w7gc-g3x7-hq8h - | () https://github.com/fedify-dev/hollo/security/advisories/GHSA-w7gc-g3x7-hq8h -

17 Jul 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-07-17 14:15

Updated : 2025-07-17 21:15


NVD link : CVE-2025-53941

Mitre link : CVE-2025-53941

CVE.ORG link : CVE-2025-53941



Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')