8 matches found
CVE-2025-64716 Anubis vulnerable to possible XSS via redir parameter when using subrequest auth mode
Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. Prior to version 1.23.0, when using subrequest authentication, Anubis did not perform validation of the redirect URL and redirects user to any URL scheme. While most...
PT-2025-46775
Name of the Vulnerable Software and Affected Versions Anubis versions prior to 1.23.0 Description Anubis, a Web AI Firewall Utility designed to protect upstream resources from scraper bots, had a flaw in its subrequest authentication process. Before version 1.23.0, the software did not validate t...
EUVD-2025-22776
Malicious code in bioql PyPI...
CVE-2025-54414
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...
CVE-2025-54414
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...
CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...
CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...
PT-2025-30951 · Anubis · Anubis
Name of the Vulnerable Software and Affected Versions: Anubis versions 1.21.2 and below Description: Anubis is a Web AI Firewall Utility designed to protect upstream resources from scraper bots. Attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...