Home > Vulnerability Database > CVE-2025-13058

Mend.io Vulnerability Database

CVE-2025-13058

Good to know:

Date: November 12, 2025

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as 002def70b985f7012586df2c44368845bf405ab3. Applying a patch is advised to resolve this issue.

Severity Score

6.1

Related Resources (7)

Url: https://vuldb.com/?id.332185

Url: https://vuldb.com/?submit.682370

Url: https://github.com/soerennb/extplorer/issues/33

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-13058

Url: https://github.com/soerennb/extplorer/commit/002def70b985f7012586df2c44368845bf405ab3

Url: https://vuldb.com/?ctiid.332185

Url: https://www.mend.io/vulnerability-database/CVE-2025-13058

Severity Score

6.1

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Improper Control of Generation of Code ('Code Injection')

CWE-94

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-13058

Good to know:

Date: November 12, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?