CVEDB API

Vulnerabilities

Vulnerable Software

Hallowelt: >> Bluespice >> 5.1.1 Security Vulnerabilities

CVE-2025-58114

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice (Extension:CognitiveProcessDesigner) allows Cross-Site Scripting (XSS).This issue affects BlueSpice: from 5 through 5.1.1.

CVSS Score

4.8

EPSS Score

0.0

Published

2025-09-19

CVE-2025-57880

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension:BlueSpiceWhoIsOnline) allows Cross-Site Scripting (XSS). This issue affects BlueSpice: from 5 through 5.1.1.

CVSS Score

5.4

EPSS Score

0.0

Published

2025-09-19

CVE-2025-46703

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension:AtMentions) allows Cross-Site Scripting (XSS). This issue affects BlueSpice: from 5 through 5.1.1.

CVSS Score

6.4

EPSS Score

0.0

Published

2025-09-19

CVE-2025-48007

Improper Encoding or Escaping of Output vulnerability in Hallo Welt! GmbH BlueSpice (Extension:BlueSpiceAvatars) allows Cross-Site Scripting (XSS). This issue affects BlueSpice: from 5 through 5.1.1.

CVSS Score

6.4

EPSS Score

0.0

Published

2025-09-19

Page 1

Vulnerabilities

Vulnerable Software

Hallowelt: >> Bluespice >> 5.1.1 Security Vulnerabilities

Products

Pricing

Contact Us