{"vulnerability": "CVE-2025-48051", "sightings": [{"uuid": "35780594-8c32-46b9-97c6-b15ac119602f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48051", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16533", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48051\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some applications because of an innerHTML usage pattern in which text is extracted from a DOM node and interpreted as HTML.\n\ud83d\udccf Published: 2025-05-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T16:06:38.044Z\n\ud83d\udd17 References:\n1. https://github.com/lichess-org/lila/security/advisories/GHSA-9xhx-p3c5-p4v6\n2. https://github.com/lichess-org/lila/commit/ab0beaf0ad671761705d9274663c5dc450608527\n3. https://github.com/lichess-org/lila/blob/7b82f35d15f9113ac8a0a9271d34bef4f6119e9f/ui/site/src/powertip.ts#L60", "creation_timestamp": "2025-05-15T16:35:28.000000Z"}]}