What is CVE-2025-1169 — XSS in Image Compressor Tool?

CVE-2025-1169 is a cross-site scripting (XSS) vulnerability in SourceCodester Image Compressor Tool versions 1.0–1.0, allowing attackers to inject malicious scripts via the 'image' parameter in /image-compressor/compressor.php.

Am I affected by CVE-2025-1169 in Image Compressor Tool?

You are affected if you are using SourceCodester Image Compressor Tool version 1.0 or 1.0. Upgrade to version 1.0.1 to mitigate the risk.

How do I fix CVE-2025-1169 in Image Compressor Tool?

Upgrade to version 1.0.1 of SourceCodester Image Compressor Tool. If upgrading is not immediately possible, implement input validation and sanitization on the 'image' parameter.

Is CVE-2025-1169 being actively exploited?

While no confirmed active exploitation is currently reported, the vulnerability has been publicly disclosed, increasing the likelihood of exploitation.

Where can I find the official Image Compressor Tool advisory for CVE-2025-1169?

Refer to the SourceCodester website or relevant security mailing lists for the official advisory regarding CVE-2025-1169.

CVE-2025-1169 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-1169 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php / server:

grep -r "/image-compressor/compressor.php" /var/log/apache2/access.log

• generic web:

curl -I http://your-server.com/image-compressor/compressor.php?image=<script>alert(1)</script>

SourceCodester Image Compressor Tool compressor.php cross site scripting

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-1169 — XSS in Image Compressor Tool?

Am I affected by CVE-2025-1169 in Image Compressor Tool?

How do I fix CVE-2025-1169 in Image Compressor Tool?

Is CVE-2025-1169 being actively exploited?

Where can I find the official Image Compressor Tool advisory for CVE-2025-1169?

Seu projeto está afetado?