CVE-2025-51662

Published: Nov 19, 2025

Modified: Nov 20, 2025

PUBLISHED

Description

A stored cross-site scripting (XSS) vulnerability is found in the text sharing feature of FileCodeBox version 2.2 and earlier. Insufficient input validation allows attackers to inject arbitrary JavaScript code into shared text "codeboxes". The xss payload is automatically executed in the browsers of any users who try to access the infected codebox by clicking link or entering share code.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/vastsa/FileCodeBox

https://github.com/vastsa/FileCodeBox/issues/351

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-51662

Description

Affected Products

References