CVE-2025-13058

Source
https://cve.org/CVERecord?id=CVE-2025-13058
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13058.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13058
Downstream
Published
2025-11-12T19:32:06.630Z
Modified
2026-07-08T07:09:20.174722218Z
Severity
  • 5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X CVSS Calculator
Summary
soerennb eXtplorer Filename cross site scripting
Details

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as 002def70b985f7012586df2c44368845bf405ab3. Applying a patch is advised to resolve this issue.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/13xxx/CVE-2025-13058.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-79",
        "CWE-94"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "2.1.0"
                },
                {
                    "last_affected": "2.1.0"
                },
                {
                    "introduced": "2.1.1"
                },
                {
                    "last_affected": "2.1.1"
                },
                {
                    "introduced": "2.1.2"
                },
                {
                    "last_affected": "2.1.2"
                },
                {
                    "introduced": "2.1.3"
                },
                {
                    "last_affected": "2.1.3"
                },
                {
                    "introduced": "2.1.4"
                },
                {
                    "last_affected": "2.1.4"
                },
                {
                    "introduced": "2.1.5"
                },
                {
                    "last_affected": "2.1.5"
                },
                {
                    "introduced": "2.1.6"
                },
                {
                    "last_affected": "2.1.6"
                },
                {
                    "introduced": "2.1.7"
                },
                {
                    "last_affected": "2.1.7"
                },
                {
                    "introduced": "2.1.8"
                },
                {
                    "last_affected": "2.1.8"
                },
                {
                    "introduced": "2.1.9"
                },
                {
                    "last_affected": "2.1.9"
                },
                {
                    "introduced": "2.1.10"
                },
                {
                    "last_affected": "2.1.10"
                },
                {
                    "introduced": "2.1.12"
                },
                {
                    "last_affected": "2.1.12"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/soerennb/extplorer

Affected ranges

Type
GIT
Repo
https://github.com/soerennb/extplorer
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:extplorer:extplorer:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.15"
        }
    ]
}

Affected versions

2.*
2.1.11
2.1.13
2.1.14
2.1.15
v2.*
v2.1.11
v2.1.13
v2.1.14
v2.1.15

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13058.json"