Vulnerability Description
gifplayer is a customizable jquery plugin to play and stop animated gifs. gifplayer contains a cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 0.3.7.
Related Weaknesses (CWE)
References
- https://github.com/rubentd/gifplayer/commit/2966193d4d066e5a6ba09dbdf1e1c7f82386
- https://github.com/rubentd/gifplayer/security/advisories/GHSA-gr7w-hmch-25g7
- https://www.drupal.org/sa-contrib-2025-032
FAQ
What is CVE-2025-31128?
CVE-2025-31128 is a documented vulnerability. gifplayer is a customizable jquery plugin to play and stop animated gifs. gifplayer contains a cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 0.3.7.
How severe is CVE-2025-31128?
CVSS scoring is not yet available for CVE-2025-31128. Check NVD for updates.
Is there a patch for CVE-2025-31128?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.