CVE-2025-57540

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment version 8.4

Description: A stored cross-site scripting (XSS) issue exists in the WebAuthn Relying Party field within the Datacenter configuration. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page, enabling client-side attacks.

Recommendations: Update to a newer version that contains a fix for this issue.