6 matches found
CVE-2025-66025
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or...
CVE-2025-66025
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or...
CVE-2025-66025 Caido Improperly Handles External Links in Markdown
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or...
CVE-2025-66025 Caido Improperly Handles External Links in Markdown
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or...
CVE-2025-66025
Caido: Prior to 0.53.0, its Findings page Markdown renderer mishandled user-supplied Markdown, allowing attacker-controlled links to render without confirmation. When a user opened a finding from the scanner or plugins, clicking injected links could redirect the Caido application to attacker-cont...
PT-2025-48125
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or...