← Back

Tale

tale

Vendor: Tale Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-69749
1Tale Project
1Tale
Jun 17, 2026
Jan 29, 2026
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code.
CVE-2025-1585
1Tale Project
1Tale
Jun 17, 2026
Feb 23, 2025
4.8 MEDIUM· v4
5.4 MEDIUM· v3
3.3 LOW· v2
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html....Show more
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logo_url leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.Show less