CNNVD-202509-1266 Information

Sep 09, 2025 cve

CNNVD ID

CNNVD-202509-1266

CVE-2025-57538

CNNVD Published: 2025-09-09

Description (Chinese)

Proxmox Virtual Environment（Proxmox VE）是Proxmox公司的一个开源的服务器虚拟化环境 Linux 发行版。 Proxmox Virtual Environment 8.4版本存在安全漏洞，该漏洞源于HTTP Proxy字段存储型跨站脚本漏洞，可能导致任意JavaScript执行。

Description (English)

Proxmox Virtual Environmental (Proxmox VE) is an open-source server virtualization environment for Proxmox. There is a security loophole in version 8.4 of Proxmox Virtual Environment, which originates from a cross-site script gap in the HTTP Proxy field storage, which could lead to arbitrary JavaScript execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Proxmox

Published

2025-09-09

Last Modified

2026-02-24

References

https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/page-2#post-792010 https://www.youtube.com/watch?v=mN-0Zia1LZw https://github.com/khankishiyev-j/bug-bounty/blob/main/proxmox-xss https://access.redhat.com/security/cve/cve-2025-57538

Share on: