CVE-2025-61583

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions TS3 Manager versions prior to 2.2.2

Description TS3 Manager, a web interface for Teamspeak3 servers, contains a reflected cross-site scripting issue. The problem resides in the login page's error handling, specifically when processing server hostnames. Malicious scripts within these hostnames can be executed in a user's browser due to insufficient sanitization.

Recommendations Update to version 2.2.2 or later.

Exploit

Fix

XSS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-80CWE-20

Related Identifiers

CVE-2025-61583

GHSA-QW6J-37R6-M93G

Affected Products

Ts3-Manager

Teamspeak3

CVE-2025-61583

Weakness Enumeration

Related Identifiers

Affected Products

References · 10