← Volver a CVEs
CVE-2025-61583
MEDIUM4.3
Descripcion
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A reflected cross-site scripting vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability exists in the error handling mechanism of the login page, where malicious scripts embedded in server hostnames are executed in the victim's browser context without proper sanitization. This issue is fixed in version 2.2.2.
Detalles CVE
Puntuacion CVSS v3.14.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado10/1/2025
Ultima modificacion10/20/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
joni1802:ts3_manager
Debilidades (CWE)
CWE-20CWE-80
Referencias
https://github.com/joni1802/ts3-manager/commit/3a069915f97a6f5dae1fe0b2e32aa11a69d83b5e(security-advisories@github.com)
https://github.com/joni1802/ts3-manager/security/advisories/GHSA-qw6j-37r6-m93g(security-advisories@github.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.