VYPR
Low severity2.4GHSA Advisory· Published Apr 19, 2025· Updated Apr 15, 2026

CVE-2025-3801

CVE-2025-3801

Description

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/songquanpeng/one-apiGo
<= 0.6.10

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.