CVE-2025-64710

medium

Description

Bitplatform Boilerplate is a Visual studio and .NET project template. Versions prior to 9.11.3 are affected by a cross-site scripting (XSS) vulnerability in the WebInteropApp/WebAppInterop, potentially allowing attackers to inject malicious scripts that compromise the security and integrity of web applications. Applications based on this Bitplatform Boilerplate might also be vulnerable. Version 9.11.3 fixes the issue.

References

https://github.com/bitfoundation/bitplatform/security/advisories/GHSA-rv95-xj37-7c3w

https://github.com/bitfoundation/bitplatform/commit/4700894ab90ed3a94cbfa21ebea3c0b5de87d457

Details

Source: Mitre, NVD

Published: 2025-11-13

Updated: 2026-01-14

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

CVSS v4

Base Score: 5.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Severity: Medium

EPSS

EPSS: 0.00047