Unrated severityNVD Advisory· Published Oct 17, 2025· Updated Oct 17, 2025
Incorrect Content-Type Header
CVE-2025-11925
Description
Incorrect Content-Type header in one of the APIs (text/html instead of application/json) replies may potentially allow injection of HTML/JavaScript into reply.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 0
- Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.