CVE-2025-50053

{"id": "CVE-2025-50053", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}]}, "published": "2025-12-31T20:15:42.793", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/yournewsapp/vulnerability/wordpress-blappsta-mobile-app-plugin-your-native-mobile-iphone-app-and-android-app-plugin-0-8-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nebelhorn Blappsta Mobile App Plugin \u2013 Your native, mobile iPhone App and Android App yournewsapp allows Reflected XSS.This issue affects Blappsta Mobile App Plugin \u2013 Your native, mobile iPhone App and Android App: from n/a through <= 0.8.8.8."}, {"lang": "es", "value": "Neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site scripting') vulnerabilidad en el plugin de la aplicaci\u00f3n m\u00f3vil Blappsta de nebelhorn y su aplicaci\u00f3n nativa m\u00f3vil para iPhone y Android permite XSS reflejado. Este problema afecta al plugin de la aplicaci\u00f3n m\u00f3vil Blappsta \u2013 Su aplicaci\u00f3n nativa m\u00f3vil para iPhone y Android: desde n/d hasta 0.8.8.8."}], "lastModified": "2026-04-28T19:33:22.127", "sourceIdentifier": "audit@patchstack.com"}