CVE-2025-45806 PUBLISHED

Assigner: mitre
Reserved: 22.04.2025 Published: 09.04.2026 Updated: 09.04.2026

A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Product Status

Vendor	n/a
Product	n/a
Versions	Version n/a is affected

References

https://github.com/rrweb-io/rrweb
https://github.com/rrweb-io/rrweb/tree/master/packages/rrweb-snapshot
https://github.com/rrweb-io/rrweb/issues/1817

Problem Types

n/a text