CVE-2025-57538

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment version 8.4

Description: A stored cross-site scripting (XSS) vulnerability exists in the HTTP Proxy field within the Datacenter configuration panel. This allows an authenticated user to inject malicious input that is stored and executed in the context of other users’ browsers when they view the affected configuration page, potentially leading to arbitrary JavaScript execution.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.