Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-f9vc-vf3r-pqqq

GitHub Security Advisory

Harbor repository description page has Cross-site Scripting vulnerability

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact

In the Harbor repository information, it is possible to inject code resulting in a stored XSS issue.

### Patches
Harbor v2.12.3 Harbor 2.11.3

### Workarounds
No

### References

### Credit
[email protected]

Affected Packages

Go github.com/goharbor/harbor
Affected versions: 2.12.0-rc1 (fixed in 2.12.4-rc1)
Go github.com/goharbor/harbor
Affected versions: 2.13.0-rc1 (fixed in 2.13.1-rc1)
Go github.com/goharbor/harbor
Affected versions: 2.4.0-rc1.1 (last affected: 2.11.2)
Go github.com/goharbor/harbor
Affected versions: 0 (fixed in 2.4.0-rc1.0.20250421072404-a13a16383a41)

Related CVEs

CVE-2025-32019

Key Information

GHSA ID
GHSA-f9vc-vf3r-pqqq
Published
July 23, 2025 2:40 PM
Last Modified
July 23, 2025 10:14 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/goharbor/harbor
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 25, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.