CVE ID : CVE-2025-53528
Published : July 21, 2025, 9:15 p.m. | 3 hours, 25 minutes ago
Description : Cadwyn creates production-ready community-driven modern Stripe-like API versioning in FastAPI. In versions 5.4.3 and below, the version parameter of the “/docs” endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack. This XSS would notably allow an attacker to execute JavaScript code on a user’s session for any application based on Cadwyn via a one-click attack. The vulnerability has been fixed in version 5.4.4.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More
