CNNVD-202511-2914 Information

CNNVD ID

CNNVD-202511-2914

CVE-2025-66025

  • CNNVD Published: 2025-11-26

Description

Caido is an open-source application from Caido, designed to help security professionals and enthusiasts audit web applications efficiently and easily. Versions of Caido before 0.53.0 contain an injection vulnerability that stems from improper handling in the Markdown renderer, which may cause attacker-controlled links to be rendered without confirmation.

Hazard Level

High

Vulnerability Type

Injection

Affected Vendor

Caido

Published

2025-11-26

Last Modified

2026-02-24

References

https://github.com/caido/caido/security/advisories/GHSA-cf52-h5mw-gmc2

https://access.redhat.com/security/cve/cve-2025-66025

Patch

https://github.com/caido/caido/releases
