CVE-2025-54597 Information

Description

LinuxServer.io Heimdall before 2.7.3 allows XSS via the q parameter.

Reference

https://github.com/linuxserver/Heimdall/commit/d1a96dd752ba30dc56380400dd2587d8abb8e9d1 https://github.com/linuxserver/Heimdall/compare/v2.7.2…v2.7.3

Related CNNVD

CNNVD-202507-3402 (Published: 2025-07-27)