CVE-2025-2123
09.03.2025, 15:15
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function get_var of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument default-styles/keywords-1/keywords-2/keywords-3/keywords-4/comments leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Vendor | Product | Version |
---|---|---|
qbnz | geshi | 𝑥 ≤ 1.0.9.1 |
𝑥
= Vulnerable software versions

Debian Releases
References