Hollo is single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue.
References
Configurations
No configuration.
History
17 Jul 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
References | | https://github.com/fedify-dev/hollo/security/advisories/GHSA-w7gc-g3x7-hq8h |
17 Jul 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE | | |
Information
Published : 2025-07-17 14:15
Updated : 2025-07-17 21:15
NVD link : CVE-2025-53941
Mitre link : CVE-2025-53941
CVE.ORG link : CVE-2025-53941
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')