4 matches found
CVE-2025-3801
A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to...
one-api Cross-site Scripting vulnerability
A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content leads to cross site scripting. It is possible to initiate the attack...
CVE-2025-3801 songquanpeng one-api System Setting cross site scripting
A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to...
PT-2025-17378 · Unknown · Songquanpeng One-Api
Name of the Vulnerable Software and Affected Versions: songquanpeng one-api versions up to 0.6.10 Description: A vulnerability was found in the System Setting Handler component, allowing for cross-site scripting through the manipulation of the Homepage Content argument. This issue can be exploite...