Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-48360: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Razvan Stanga Varnish/Nginx Proxy Caching

Medium
VulnerabilityCVE-2025-48360cvecve-2025-48360cwe-79
Published: Thu Aug 28 2025 (08/28/2025, 12:37:08 UTC)
Source: CVE Database V5
Vendor/Project: Razvan Stanga
Product: Varnish/Nginx Proxy Caching

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Stored XSS. This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-05-19T14:41:42.788Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68b0537ead5a09ad006cfcca

Added to database: 8/28/2025, 1:02:54 PM

Last updated: 8/28/2025, 1:02:54 PM

Views: 1

Related Threats

CVE-2025-54742: CWE-502 Deserialization of Untrusted Data in magepeopleteam WpEvently

High
VulnerabilityThu Aug 28 2025

CVE-2025-54738: CWE-288 Authentication Bypass Using an Alternate Path or Channel in NooTheme Jobmonster

Critical
VulnerabilityThu Aug 28 2025

CVE-2025-54734: CWE-862 Missing Authorization in bPlugins B Slider

Medium
VulnerabilityThu Aug 28 2025

CVE-2025-54733: CWE-862 Missing Authorization in Miles All Bootstrap Blocks

Medium
VulnerabilityThu Aug 28 2025

CVE-2025-54731: CWE-94 Improper Control of Generation of Code ('Code Injection') in emarket-design YouTube Showcase

High
VulnerabilityThu Aug 28 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats