CVE-2025-65019 | withastro up to 5.15.8 Image Optimization Endpoint isRemoteAllowed cross site scripting

Inserito da Angelo Barbosa | Nov 19, 2025 | CVE

A vulnerability described as problematic has been identified in withastro astro up to 5.15.8. This issue affects the function isRemoteAllowed of the component Image Optimization Endpoint. Executing manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-65019. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2025-65019 | withastro up to 5.15.8 Image Optimization Endpoint isRemoteAllowed cross site scripting

Post correlati

CVE-2025-0752 | Red Hat OpenShift Service Mesh proxyv2-rhel9 request smuggling

CVE-2013-10065 | Sysax Multi-Server 6.10 SSH Daemon uncaught exception

CVE-2024-31248 | Team Plugins360 All-in-One Video Gallery Plugin up to 3.5.2 on WordPress authorization

CVE-2025-11586 | Tenda AC7 15.03.06.44 /goform/setNotUpgrade newVersion stack-based overflow