← Back to CVEs
CVE-2025-61583
MEDIUM4.3
Description
TS3 Manager is modern web interface for maintaining Teamspeak3 servers. A reflected cross-site scripting vulnerability has been identified in versions 2.2.1 and earlier. The vulnerability exists in the error handling mechanism of the login page, where malicious scripts embedded in server hostnames are executed in the victim's browser context without proper sanitization. This issue is fixed in version 2.2.2.
CVE Details
CVSS v3.1 Score4.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published10/1/2025
Last Modified10/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
joni1802:ts3_manager
Weaknesses (CWE)
CWE-20CWE-80
References
https://github.com/joni1802/ts3-manager/commit/3a069915f97a6f5dae1fe0b2e32aa11a69d83b5e(security-advisories@github.com)
https://github.com/joni1802/ts3-manager/security/advisories/GHSA-qw6j-37r6-m93g(security-advisories@github.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.