Logo

CVE-2025-56683: DOM-based Cross-Site Scripting Leading to Remote Code Execution in Logseq Application

A DOM-based XSS vulnerability in Logseq version 0.10.9 allows Remote Code Execution by injecting malicious JavaScript through unsanitized plugin README content combined with insufficient protocol validation.
July 1, 2025 · 7 min · 1288 words · Martin Kubečka