CVE-2025-57292

Vulnerability Description

Todoist v8484 contains a stored cross-site scripting (XSS) vulnerability in the avatar upload functionality. The application fails to properly validate the MIME type and sanitize image metadata.

Vulnerability Details

Published Date

September 26, 2025

Last Modified

October 07, 2025

Source

NVD

CVE-2025-57292

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment