CVE-2025-1169

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Feb 11, 2025

Updated: Feb 18, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-1169 is a newly disclosed vulnerability affecting SourceCodester Image Compressor Tool 1.0. This issue poses a problem as it enables cross-site scripting (XSS) attacks, which can be initiated remotely. The vulnerability is situated in the processing of the compressor.php file, specifically in the handling of the 'image' argument. An attacker can exploit this flaw by manipulating the image input, leading to the injection of malicious scripts. As of now, the extent of the affected user base is unknown, but it is recommended that users of the affected software apply the necessary patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database