Note:
This project will be discontinued after December 13, 2021. [more]
Product:
S3\-Proxy
(Oxyno\-Zeta)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-20 | CVE-2025-27088 | oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL... | S3\-Proxy | 8.2 |