EUVD-2025-32704

🗓️ 07 Oct 2025 09:30:21Reported by EUVDType

Remote header manipulation enables XSS in double-take up to 1.13.1; upgrade to 1.13.2.

Reporter	Title	Published	Views	Family All 7
CNNVD	Double Take 代码注入漏洞	7 Oct 202500:00	–	cnnvd
CVE	CVE-2025-11360	7 Oct 202509:02	–	cve
Cvelist	CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting	7 Oct 202509:02	–	cvelist
NVD	CVE-2025-11360	7 Oct 202509:15	–	nvd
Positive Technologies	PT-2025-40975	7 Oct 202500:00	–	ptsecurity
Snyk	Cross-site Scripting (XSS)	7 Oct 202509:41	–	snyk
Vulnrichment	CVE-2025-11360 jakowenko double-take API app.js app.use cross site scripting	7 Oct 202509:02	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "4183a93d-acf5-3e68-944d-3330963b6ba1",
        "vendor": {
          "name": "jakowenko"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1a0cc334-a53e-3f9d-9d07-d1afb346277b",
        "product": {
          "name": "double-take"
        },
        "product_version": "1.13.1"
      },
      {
        "id": "793c30ef-adbd-33f5-b814-50714bafe809",
        "product": {
          "name": "double-take"
        },
        "product_version": "1.13.0"
      },
      {
        "id": "daca04fd-871f-3739-bb45-c5b1160f0d10",
        "product": {
          "name": "double-take"
        },
        "product_version": ""
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-11360
github	www.github.com/jakowenko/double-take/commit/e11de9dd6b4ea6b7ec9a5607a920d48961e9fa50
github	www.github.com/jakowenko/double-take/releases/tag/v1.13.2
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

07 Oct 2025 09:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 45.3

CVSS 3.14.3

CVSS 25

CVSS 34.3

EPSS0.00033

SSVC