CVE-2025-47204

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/davidstutz/bootstrap-multiselect/releases", "name": "https://github.com/davidstutz/bootstrap-multiselect/releases", "tags": ["Release Notes"], "refsource": ""}, {"url": "https://github.com/projectdiscovery/nuclei-templates/commit/11e1a6c11d3954f44acfb0274b6dad4bd8045103", "name": "https://github.com/projectdiscovery/nuclei-templates/commit/11e1a6c11d3954f44acfb0274b6dad4bd8045103", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in post.php in bootstrap-multiselect (aka Bootstrap Multiselect) 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting (XSS) vulnerability exploitable through Cross-Site Request Forgery (CSRF)."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-47204", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2025-05-13T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:davidstutz:bootstrap_multiselect:1.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-09T02:02Z"}