CVE-2025-52552 – FastGPT Open Redirect and DOM-Based XSS Vulnerability

June 21, 2025

CVE ID : CVE-2025-52552

Published : June 21, 2025, 3:15 a.m. | 3 hours ago

Description : FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to attacker-controlled sites. This issue has been patched in version 4.9.12.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6399 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Critical Vulnerability

Next Article CVE-2025-52487 – DNN Bypass Login IP Filter Vulnerability

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-52552 – FastGPT Open Redirect and DOM-Based XSS Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

CVE-2025-6587 – Docker Desktop Environment Variable Disclosure Vulnerability

Is Drug Dealer Simulator on Xbox Game Pass?

CVE-2025-37992 – Linux Kernel net_sched NULL Pointer Dereference Vulnerability

Mastering Linux File Permissions and Ownership

IMSProg – I2C, SPI and Microwire EEPROM/Flash chip programmer

These crazy mods can turn one of the best PC games of 2025 into the ultimate Final Fantasy x Pokémon crossover, guest starring Keanu Reeves

Redefining Quality Engineering – Tricentis India Partner Event

Distribution Release: Ubuntu 25.04

CVE-2025-52552 – FastGPT Open Redirect and DOM-Based XSS Vulnerability

Related Posts