{"id":29168,"date":"2025-04-22T13:43:23","date_gmt":"2025-04-22T13:43:23","guid":{"rendered":""},"modified":"2025-05-22T17:26:06","modified_gmt":"2025-05-22T17:26:06","slug":"cve-2025-30511-stored-xss-vulnerability-due-to-improper-sanitization-of-plant-name-input","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-30511-stored-xss-vulnerability-due-to-improper-sanitization-of-plant-name-input\/","title":{"rendered":"CVE-2025-30511: Stored XSS Vulnerability due to Improper Sanitization of Plant Name Input<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

CVE-2025-30511 is a serious vulnerability discovered that allows an authenticated attacker to potentially compromise a system or leak sensitive data via a stored Cross-Site Scripting (XSS) attack. This vulnerability arises due to improper sanitization of the plant name value during the process of adding or editing a plant in a system. As a cybersecurity professional, it’s important to understand this vulnerability, its potential impacts, and the steps to mitigate it to ensure the security<\/a> of your systems.
\nThis vulnerability affects all systems<\/a> that haven’t applied the vendor patch and are using the affected versions of the software. The potential impact of this vulnerability is significant, because once exploited, it can lead to system compromise and potential<\/a> data leakage, posing great security risks to the affected systems and data.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-30511
\nSeverity: High – CVSS Score 8.8
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: Required
\nImpact: System compromise and potential data leakage<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n