3 matches found
GO-2026-5616 S3-Proxy has Security Issues in its Resource Path Matching Implementation in github.com/oxyno-zeta/s3-proxy
S3-Proxy has Security Issues in its Resource Path Matching Implementation in github.com/oxyno-zeta/s3-proxy...
CVE-2025-27088
The CVE-2025-27088 issue affects oxyno-zeta/s3-proxy (Go) and is caused by rendering the Request.URL.Path into HTML in the folder-list template without proper sanitization, enabling reflected XSS via crafted URLs. Public advisories state that affected versions are vulnerable to script injection, ...
CVE-2025-27088 Reflected Cross-site Scripting (XSS) in template implementation in oxyno-zeta/s3-proxy
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting XSS vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted...