VYPR
Medium severityNVD Advisory· Published Dec 4, 2025· Updated Apr 15, 2026

CVE-2025-13488

CVE-2025-13488

Description

Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.