CVE-2025-52552

by Fred · 21/06/2025

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to attacker-controlled sites. This issue has been patched in version 4.9.12.

Assigner : security-advisories@github.com

More information : https://github.com/labring/FastGPT/commit/095b75ee27746004106eddeaa4840688a61ff6eb

CVE-2025-52552

Similar

Recent Posts

Categories

CVE-2025-52552

Share this:

Similar

Recent Posts

Categories

Tags