Vulnerabilities

CVE-2025-54423

by Fred · 28/07/2025

copyparty is a portable file server. In versions up to and including versions 1.18.4, an unauthenticated attacker is able to execute arbitrary JavaScript code in a victim’s browser due to improper sanitization of multimedia tags in music files, including m3u files. This is fixed in version 1.18.5.

More information : https://github.com/9001/copyparty/commit/895880aeb0be0813ddf732487596633f8f9fc3a6

Similar

Tags: Cybersecurity Alert