Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53834

Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue.

Published

2025-07-14T23:15:24.870

Last Modified

2025-07-15T13:14:24.053

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

References

https://github.com/caido/caido/releases/tag/v0.49.0 ([email protected])
https://github.com/caido/caido/security/advisories/GHSA-h8jr-c6qq-h7m7 ([email protected])