CNNVD-202509-1426 Information

Sep 09, 2025 cve

CNNVD ID

CNNVD-202509-1426

CVE-2025-57540

CNNVD Published: 2025-09-09

Description (Chinese)

Proxmox Virtual Environment（Proxmox VE）是Proxmox公司的一个开源的服务器虚拟化环境 Linux 发行版。 Proxmox Virtual Environment 8.4版本存在安全漏洞，该漏洞源于WebAuthn Relying Party字段存在存储型跨站脚本漏洞，可能导致客户端攻击。

Description (English)

Proxmox Virtual Environmental (Proxmox VE) is an open-source server virtualization environment for Proxmox. Version 8.4 of Proxmox Virtual Environmental contains a security loophole, which originates from the storage-type cross-site script gap in the WebAuthn Relying Party field, which may lead to client attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Publify

Published

2025-09-09

Last Modified

2026-02-24

References

https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/page-2#post-792010 https://github.com/khankishiyev-j/bug-bounty/blob/main/proxmox-xss https://www.youtube.com/watch?v=-wvkN-7oT5U https://access.redhat.com/security/cve/cve-2025-57540

Share on: