Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-11147

Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts (XSS) to be executed in “/html/<filename>.html”.

Published

2025-09-29T10:15:37.993

Last Modified

2025-10-16T15:54:26.323

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apt-cacher-ng_project	apt-cacher-ng	3.2-1	Yes

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-apt-cacher-ng Third Party Advisory ([email protected])