CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64177

ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. In versions 0.6.7 and below, there is a stored Cross-Site Scripting (XSS) vulnerability in the dashboard, which can exploited when a user clicks on a malicious bookmark, made vulnerable by the lack of scheme filtering. This is fixed in version 0.6.8.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.4%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2025-64177

Matiasdesuu » Thinkdashboard » Version: 0.2

cpe:2.3:a:matiasdesuu:thinkdashboard:0.2
Matiasdesuu » Thinkdashboard » Version: 0.2.1

cpe:2.3:a:matiasdesuu:thinkdashboard:0.2.1
Matiasdesuu » Thinkdashboard » Version: 0.3

cpe:2.3:a:matiasdesuu:thinkdashboard:0.3
Matiasdesuu » Thinkdashboard » Version: 0.3.1

cpe:2.3:a:matiasdesuu:thinkdashboard:0.3.1
Matiasdesuu » Thinkdashboard » Version: 0.4

cpe:2.3:a:matiasdesuu:thinkdashboard:0.4
Matiasdesuu » Thinkdashboard » Version: 0.4.5

cpe:2.3:a:matiasdesuu:thinkdashboard:0.4.5
Matiasdesuu » Thinkdashboard » Version: 0.5

cpe:2.3:a:matiasdesuu:thinkdashboard:0.5
Matiasdesuu » Thinkdashboard » Version: 0.5.5

cpe:2.3:a:matiasdesuu:thinkdashboard:0.5.5
Matiasdesuu » Thinkdashboard » Version: 0.6

cpe:2.3:a:matiasdesuu:thinkdashboard:0.6
Matiasdesuu » Thinkdashboard » Version: 0.6.5

cpe:2.3:a:matiasdesuu:thinkdashboard:0.6.5
Matiasdesuu » Thinkdashboard » Version: 0.6.6

cpe:2.3:a:matiasdesuu:thinkdashboard:0.6.6
Matiasdesuu » Thinkdashboard » Version: 0.6.7

cpe:2.3:a:matiasdesuu:thinkdashboard:0.6.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64177

Products

Pricing

Contact Us