CVE-2025-53096 – Moonlight Sunshine Clickjacking Vulnerability

July 1, 2025

CVE ID : CVE-2025-53096

Published : July 1, 2025, 2:15 a.m. | 5 hours, 18 minutes ago

Description : Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting (one or multiple clicks) with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. This issue has been patched in version 2025.628.4510.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6938 – “Code-projects Simple Pizza Ordering System SQL Injection Vulnerability”

Next Article CVE-2025-53003 – Janssen Project IAM Unverified Scope Information Disclosure

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-53096 – Moonlight Sunshine Clickjacking Vulnerability

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

How Tiny UX Changes Echo, State of CSS 2025 & Logos that Standout

CVE-2025-4205 – WordPress Popup Maker Stored Cross-Site Scripting Vulnerability

Creating an Auto-Closing Notification With an HTML Popover

CVE-2025-49151 – MICROSENS NMP Web+ JWT Token Forgery

Best Kaspersky Next EDR Foundations Dealer in India – Secure Solutions

Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense

CVE-2025-5622 – D-Link DIR-816 Wireless Stack-Based Buffer Overflow

Build the ultimate Surface Pro 12-inch with these new accessories

CVE-2025-53096 – Moonlight Sunshine Clickjacking Vulnerability

Related Posts