VYPR
Medium severity6.3OSV Advisory· Published Jul 14, 2025· Updated Apr 15, 2026

CVE-2025-53834

CVE-2025-53834

Description

Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Caido/CaidoOSV2 versions
    v0.22.1, v0.23.1, v0.24.0, …+ 1 more
    • (no CPE)range: v0.22.1, v0.23.1, v0.24.0, …
    • (no CPE)range: <0.49.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.