CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

April 20, 2025

CVE ID : CVE-2025-3801

Published : April 19, 2025, 2:15 p.m. | 14 hours, 38 minutes ago

Description : A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3804 – Thautwarm VSCode-Diana Jinja2 Template Handler Injection Vulnerability

Next Article CVE-2025-39587 – Stylemix Cost Calculator Builder SQL Injection

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

I can hardly believe just how amazing this $100 gimbal-tracking webcam is — Why recommend anything else?

Microsoft’s Copilot is trying to appeal to the masses — now power users are leaving it behind

“It’s literally tens ofmillions of hours.” Xbox CEO Phil Spencer celebrates Xbox Cloud Gaming’s “dramatic growth,” now with per-device usage charts.

I would pay a LOT of money for this absolutely incredible AI laptop… But maybe not as much as it actually costs

Community News: Latest PECL Releases (03.11.2025)

Community News: Latest PECL Releases (03.11.2025)

danielebarbaro/laravel-vat-eu-validator

Expense Management System Android App Using SQLite

Tuning Local LLMs With RAG Using Ollama and Langchain

Tuning Local LLMs With RAG Using Ollama and Langchain

I can hardly believe just how amazing this $100 gimbal-tracking webcam is — Why recommend anything else?

8 Best Free and Open Source Restic Wrappers

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN

April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Enhancing Cybersecurity Resilience: Insights from CISAâ€™s Red-Teaming Exercise

Amazon proposes a new AI benchmark to measure RAG

Ideal Note-Taking Tool

From Kernels to Attention: Exploring Robust Principal Components in Transformers

Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts

DOOM: The Dark Ages for Windows PC is already on sale ahead of launch

How to migrate WordPress to Webflow â€“ Steps to follow!

Atlas Stream Processing çŽ°å·²æ£å¼å‘å¸ƒï¼

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

Related Posts