XSS in Dgtlmoon Changedetection.io

CVE-2025-52558

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. Prior to version 0.50.4, errors in filters from website page change detection watches were not being filtered re…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (32.5th percentile) — read the EPSS interpretation.

Affected products

Dgtlmoon Changedetection.io — versions < 0.50.4

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hwpg-x5hw-vpv9 (x_refsource_CONFIRM)
https://github.com/dgtlmoon/changedetection.io/commit/3d5a544ea674cfce517adcd498877a8d760d0931 (x_refsource_MISC)