Home > Vulnerability Database > CVE-2025-30081

Mend.io Vulnerability Database

CVE-2025-30081

Good to know:

Date: August 19, 2025

A cross-site scripting (XSS) vulnerability has been discovered in the Clickstorm SEO extension. This vulnerabily is exploitable by a logged in backend user utilizing the TYPO3 backend user interface. This user can create output in the HTML context by exploiting improperly encoded user input. Updates 6.7.0, 7.4.0, 8.3.0 and 9.2.0 are available for download.

Severity Score

6.3

Related Resources (6)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-30081

Url: https://github.com/clickstorm/cs_seo

Url: https://typo3.org/security/advisory/typo3-ext-sa-2025-003

Url: https://github.com/FriendsOfPHP/security-advisories/blob/master/clickstorm/cs-seo/CVE-2025-30081.yaml

Url: https://github.com/clickstorm/cs_seo/commit/46e15a22d52da227b110bf6e95c2bcbb2fe4f55f

Url: https://www.mend.io/vulnerability-database/CVE-2025-30081

Severity Score

6.3

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Top Fix

Upgrade Version

Upgrade to version https://github.com/clickstorm/cs_seo.git - 9.2.0;https://github.com/clickstorm/cs_seo.git - 8.3.0;https://github.com/clickstorm/cs_seo.git - 7.4.0;https://github.com/clickstorm/cs_seo.git - 6.7.0

Learn More

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-30081

Good to know:

Date: August 19, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?