Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/22 11:20 p.m.10 views

CVE-2025-27088

oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting XSS vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted...

8.4CVSS5.4AI score0.00459EPSS
Exploits1References1
OSV
OSV
added 2025/02/20 10:33 p.m.11 views

CVE-2025-27088 Reflected Cross-site Scripting (XSS) in template implementation in oxyno-zeta/s3-proxy

oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting XSS vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted...

8.4CVSS5.7AI score0.00459EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/02/20 10:33 p.m.15 views

CVE-2025-27088 Reflected Cross-site Scripting (XSS) in template implementation in oxyno-zeta/s3-proxy

oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting XSS vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted...

8.4CVSS0.00459EPSS
Exploits1References3
CVE
CVE
added 2025/02/20 10:33 p.m.90 views

CVE-2025-27088

The CVE-2025-27088 issue affects oxyno-zeta/s3-proxy (Go) and is caused by rendering the Request.URL.Path into HTML in the folder-list template without proper sanitization, enabling reflected XSS via crafted URLs. Public advisories state that affected versions are vulnerable to script injection, ...

8.4CVSS5.5AI score0.00459EPSS
Exploits1References3Affected Software1
Circl
Circl
added 2025/02/20 9:43 p.m.4 views

CVE-2025-27088

creationtimestamp| type| source ---|---|--- 2025-02-20 21:43:36+00:00| published-proof-of-concept| https://github.com/oxyno-zeta/s3-proxy/security/advisories/GHSA-pp9m-qf39-hxjc 2025-02-20 23:16:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4824 2025-02-21...

8.4CVSS7.3AI score0.00459EPSS
Exploits1References3
Rows per page
Query Builder