Vulnerabilities > Felisify > Sambabox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-02 | CVE-2025-2421 | Code Injection vulnerability in Felisify Sambabox Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects SambaBox: before 5.1. | 9.8 |
| 2025-05-02 | CVE-2025-2488 | Cross-site Scripting vulnerability in Felisify Sambabox Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting (XSS).This issue affects SambaBox: before 5.1. | 6.1 |