Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.8 views

CVE-2025-23039

Caido is a web security auditing toolkit. A Cross-Site Scripting XSS vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and response editors. This issue could allow an attacker to execute arbitrary scripts, potentially leading to...

5.2CVSS6.2AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/07/14 11:15 p.m.5 views

CVE-2025-53834

Caido is a web security auditing toolkit. A reflected cross-site scripting XSS vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker t...

6.3CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2025/07/14 10:49 p.m.17 views

CVE-2025-53834

Caido Toast XSS (CVE-2025-53834): A reflected XSS vulnerability exists in Caido’s toast UI component in versions before 0.49.0, where unsanitized user input reflected in tools like Match&Replace and Scope can lead to arbitrary script execution. The issue is fixed in version 0.49.0. Affected produ...

6.3CVSS5.7AI score0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/11 9:8 p.m.6 views

CVE-2025-49004

Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website load...

7.5CVSS8AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/17 8:13 p.m.7 views

CVE-2025-23039 Cross Site Scripting on URL decode Tooltip in Caido

Caido is a web security auditing toolkit. A Cross-Site Scripting XSS vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and response editors. This issue could allow an attacker to execute arbitrary scripts, potentially leading to...

5.2CVSS5.3AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder