Patchstack: version 2025.10 is vulnerable to Cross Site Scripting (XSS)

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author mdempfle

    (@mdempfle)

    3 months, 2 weeks ago

    Hi,

    I have already submitted a patch to patchstack a while ago. Unfortunately I have no feedback and also I’m not able to get in touch with the finder of the issue as I’m on the opinion the remaining things he is wring is wrong as he does not understand feature.

    So it means the new version is ready (2026.0). It only needs approval. If you like I can already send you the version if you like.

    Best regards, Michael

    Thread Starter JLY

    (@jose-luis-yanez)

    3 months, 2 weeks ago

    Hi Michael, thanks for your quick reply! Don’t worry, according to Patchstack this is a not impactful, low priority vulnerability, so I can wait for the official patch to be released. I just wanted to let you know of it, just in case.

    Best regards,

    Plugin Author mdempfle

    (@mdempfle)

    3 months, 1 week ago

    Hi,

    I have release 2026.0 – There this issue is fixed. I have waited now for many weeks that patchstack responds, but they answer extremely slow.

Viewing 3 replies - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.