CVE-2025-31128

Published: Mar 31, 2025

Modified: Jun 12, 2025

PUBLISHED

Description

gifplayer is a customizable jquery plugin to play and stop animated gifs. gifplayer contains a cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 0.3.7.

Vendor	Product	Versions
rubentd	gifplayer	affected `< 0.3.7`

Weaknesses (CWE)

CWE-79

References

https://github.com/rubentd/gifplayer/security/advisories/GHSA-gr7w-hmch-25g7

x_refsource_CONFIRM

https://github.com/rubentd/gifplayer/commit/2966193d4d066e5a6ba09dbdf1e1c7f8238630c8

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-31128

Description

Affected Products

Weaknesses (CWE)

References