Search criteria
4 vulnerabilities by caido
CVE-2025-66025 (GCVE-0-2025-66025)
Vulnerability from cvelistv5 – Published: 2025-11-26 01:59 – Updated: 2025-11-26 15:15
VLAI?
Title
Caido Improperly Handles External Links in Markdown
Summary
Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido’s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or other plugins, clicking these injected links could redirect the Caido application to an attacker-controlled domain, enabling phishing style attacks. This issue has been patched in version 0.53.0.
Severity ?
4.3 (Medium)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66025",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-26T15:14:55.060375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T15:15:02.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "caido",
"vendor": "caido",
"versions": [
{
"status": "affected",
"version": "\u003c 0.53.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Caido is a web security auditing toolkit. Prior to version 0.53.0, the Markdown renderer used in Caido\u2019s Findings page improperly handled user-supplied Markdown, allowing attacker-controlled links to be rendered without confirmation. When a user opened a finding generated through the scanner, or other plugins, clicking these injected links could redirect the Caido application to an attacker-controlled domain, enabling phishing style attacks. This issue has been patched in version 0.53.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T01:59:06.790Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/caido/caido/security/advisories/GHSA-cf52-h5mw-gmc2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/caido/caido/security/advisories/GHSA-cf52-h5mw-gmc2"
}
],
"source": {
"advisory": "GHSA-cf52-h5mw-gmc2",
"discovery": "UNKNOWN"
},
"title": "Caido Improperly Handles External Links in Markdown"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66025",
"datePublished": "2025-11-26T01:59:06.790Z",
"dateReserved": "2025-11-21T01:08:02.614Z",
"dateUpdated": "2025-11-26T15:15:02.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53834 (GCVE-0-2025-53834)
Vulnerability from cvelistv5 – Published: 2025-07-14 22:49 – Updated: 2025-07-15 19:49
VLAI?
Title
Caido Toast Vulnerable to Reflected Cross-site Scripting
Summary
Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53834",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T13:48:44.516769Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T19:49:38.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "caido",
"vendor": "caido",
"versions": [
{
"status": "affected",
"version": "\u003c 0.49.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido\u2019s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match\u0026Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T22:49:18.813Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/caido/caido/security/advisories/GHSA-h8jr-c6qq-h7m7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/caido/caido/security/advisories/GHSA-h8jr-c6qq-h7m7"
},
{
"name": "https://github.com/caido/caido/releases/tag/v0.49.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/caido/caido/releases/tag/v0.49.0"
}
],
"source": {
"advisory": "GHSA-h8jr-c6qq-h7m7",
"discovery": "UNKNOWN"
},
"title": "Caido Toast Vulnerable to Reflected Cross-site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53834",
"datePublished": "2025-07-14T22:49:18.813Z",
"dateReserved": "2025-07-09T14:14:52.531Z",
"dateUpdated": "2025-07-15T19:49:38.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49004 (GCVE-0-2025-49004)
Vulnerability from cvelistv5 – Published: 2025-06-09 20:25 – Updated: 2025-06-10 15:30
VLAI?
Title
Hijacking Caido instance during the initial setup via DNS Rebinding to achieve RCE
Summary
Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website loaded in the browser can hijack the locally running Caido instance and achieve remote command execution during the initial setup. Even if the Caido instance is already configured, an attacker can initiate the authentication flow by performing DNS rebinding. In this case, the victim needs to authorize the request on dashboard.caido.io. Users should upgrade to version 0.48.0 to receive a patch.
Severity ?
7.5 (High)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T14:23:13.251935Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T15:30:24.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "caido",
"vendor": "caido",
"versions": [
{
"status": "affected",
"version": "\u003c 0.48.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website loaded in the browser can hijack the locally running Caido instance and achieve remote command execution during the initial setup. Even if the Caido instance is already configured, an attacker can initiate the authentication flow by performing DNS rebinding. In this case, the victim needs to authorize the request on dashboard.caido.io. Users should upgrade to version 0.48.0 to receive a patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290: Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T20:25:45.185Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/caido/caido/security/advisories/GHSA-jmxf-xw2r-vjrg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/caido/caido/security/advisories/GHSA-jmxf-xw2r-vjrg"
}
],
"source": {
"advisory": "GHSA-jmxf-xw2r-vjrg",
"discovery": "UNKNOWN"
},
"title": "Hijacking Caido instance during the initial setup via DNS Rebinding to achieve RCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49004",
"datePublished": "2025-06-09T20:25:45.185Z",
"dateReserved": "2025-05-29T16:34:07.175Z",
"dateUpdated": "2025-06-10T15:30:24.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23039 (GCVE-0-2025-23039)
Vulnerability from cvelistv5 – Published: 2025-01-17 20:13 – Updated: 2025-01-17 20:35
VLAI?
Title
Cross Site Scripting on URL decode Tooltip in Caido
Summary
Caido is a web security auditing toolkit. A Cross-Site Scripting (XSS) vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and response editors. This issue could allow an attacker to execute arbitrary scripts, potentially leading to the theft of sensitive information. This issue has been addressed in version 0.45.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
5.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T20:35:16.294282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T20:35:26.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "caido",
"vendor": "caido",
"versions": [
{
"status": "affected",
"version": "= 0.45.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Caido is a web security auditing toolkit. A Cross-Site Scripting (XSS) vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and response editors. This issue could allow an attacker to execute arbitrary scripts, potentially leading to the theft of sensitive information. This issue has been addressed in version 0.45.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T20:13:13.156Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/caido/caido/security/advisories/GHSA-3mfw-fhfp-mgrv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/caido/caido/security/advisories/GHSA-3mfw-fhfp-mgrv"
}
],
"source": {
"advisory": "GHSA-3mfw-fhfp-mgrv",
"discovery": "UNKNOWN"
},
"title": "Cross Site Scripting on URL decode Tooltip in Caido"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-23039",
"datePublished": "2025-01-17T20:13:13.156Z",
"dateReserved": "2025-01-10T15:11:08.883Z",
"dateUpdated": "2025-01-17T20:35:26.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}