Количество 2
Количество 2
CVE-2025-3801
A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
GHSA-wvcx-j62q-45qw
one-api Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-3801 A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | CVSS3: 2.4 | 0% Низкий | 10 месяцев назад |
| GHSA-wvcx-j62q-45qw one-api Cross-site Scripting vulnerability | CVSS3: 2.4 | 0% Низкий | 10 месяцев назад |
Уязвимостей на страницу