XSS in Techarohq Anubis
CVE-2025-64716
Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. Prior to version 1.23.0, when using subrequest authentication, Anubis did not perform validation of the redire…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.005 (37.4th percentile) — read the EPSS interpretation.
Affected products
- Techarohq Anubis — versions < 1.23.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)