VDB

CVE-2025-30223

CVE-2025-30223 PUBLISHED CVSS 9.300000190734863 CRITICAL

Beego allows Reflected/Stored XSS in Beego's RenderForm() Function Due to Unescaped User Input

EPSS 0.45% · 64.0th percentile

Risk Scores

CVSS v3.1
9.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
EPSS Score
0.45%
64.0th percentile

Affected Products

VendorProductVersions
beegobeego< 2.3.6, 0, *
github.combeego/beego0, 0
github.combeego/beego/v20, 0

Timeline

  • Jan 21, 1970 Security Advisory
  • Mar 31, 2025 CVE Published
  • Mar 31, 2025 Coalition ESS Score
  • Mar 31, 2025 PoC Published
  • Mar 31, 2025 PoC Published
  • Mar 31, 2025 PoC Published
  • Mar 31, 2025 PoC Published
  • Mar 31, 2025 PoC Published
  • Apr 1, 2025 EPSS Score
  • Apr 1, 2025 PoC Published
  • Apr 2, 2025 PoC Published
  • Apr 2, 2025 PoC Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›