GHSA-hwpg-x5hw-vpv9

Source

https://github.com/advisories/GHSA-hwpg-x5hw-vpv9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-hwpg-x5hw-vpv9/GHSA-hwpg-x5hw-vpv9.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-hwpg-x5hw-vpv9

Aliases

CVE-2025-52558

Published

2025-06-23T21:21:41Z

Modified

2025-06-27T23:27:02.888558Z

Severity

7.0 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator

Summary

ChangeDetection.io XSS in watch overview

Details

Impact

XSS - Errors in filters from website page change detection watches were not being filtered.

Patches

0.50.4

Database specific

{
    "cwe_ids": [
        "CWE-79"
    ],
    "github_reviewed_at": "2025-06-23T21:21:41Z",
    "nvd_published_at": "2025-06-23T21:15:26Z",
    "severity": "HIGH",
    "github_reviewed": true
}

References

Affected packages

PyPI / changedetection-io

Package

Name: changedetection-io; View open source insights on deps.dev
Purl: pkg:pypi/changedetection-io

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.50.4

Affected versions

0.*

0.38.2

0.39

0.39.1

0.39.2

0.39.3

0.39.4

0.39.5

0.39.6

0.39.7

0.39.8

0.39.9

0.39.10

0.39.10.post1

0.39.10.post2

0.39.11

0.39.12

0.39.13

0.39.13.1

0.39.14

0.39.14.1

0.39.15

0.39.16

0.39.17

0.39.17.1

0.39.17.2

0.39.18

0.39.19

0.39.19.1

0.39.20

0.39.20.1

0.39.20.2

0.39.20.3

0.39.20.4

0.39.21

0.39.21.1

0.39.22

0.39.22.1

0.40.0

0.40.0.1

0.40.0.2

0.40.0.3

0.40.0.4

0.40.1.0

0.40.1.1

0.40.2

0.40.3

0.41

0.41.1

0.42

0.42.1

0.42.2

0.42.3

0.43.1

0.43.2

0.44

0.44.1

0.45

0.45.1

0.45.2

0.45.3

0.45.4

0.45.5

0.45.6

0.45.7

0.45.7.1

0.45.7.2

0.45.7.3

0.45.8

0.45.8.1

0.45.9

0.45.11

0.45.12

0.45.13

0.45.14

0.45.15

0.45.16

0.45.17

0.45.18

0.45.19

0.45.20

0.45.21

0.45.22

0.45.23

0.45.24

0.45.25

0.45.26

0.46.0

0.46.1

0.46.2

0.46.3

0.46.4

0.47.0

0.47.1

0.47.2

0.47.3

0.47.4

0.47.5

0.47.6

0.48.0

0.48.1

0.48.2

0.48.3

0.48.4

0.48.5

0.48.6

0.49.0

0.49.1

0.49.2

0.49.3

0.49.4

0.49.5

0.49.6

0.49.7

0.49.8

0.49.9

0.49.10

0.49.12

0.49.13

0.49.14

0.49.15

0.49.16

0.49.17

0.49.18

0.50.1

0.50.2

0.50.3

Database specific

last_known_affected_version_range

"<= 0.50.3"

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-hwpg-x5hw-vpv9/GHSA-hwpg-x5hw-vpv9.json"