Browse all 2 CVE security advisories affecting indieweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14893 | IndieWeb <= 4.0.5 - Authenticated (Author+) Stored Cross-Site Scripting via 'Telephone' Parameter — IndieWebCWE-79 | 6.4 | Medium | 2026-01-09 |
| CVE-2025-12028 | IndieAuth <= 4.5.4 - Cross-Site Request Forgery to Account Takeover via Stolen OAuth Tokens — IndieAuthCWE-352 | 8.8 | High | 2025-10-24 |
This page lists every published CVE security advisory associated with indieweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.