CVE-2025-27088

Name of the Vulnerable Software and Affected Versions oxyno-zeta/s3-proxy versions prior to 4.18.1

Description A Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the Request.URL.Path variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context.

Recommendations To resolve the issue, upgrade to version 4.18.1 or later. As a temporary workaround, consider restricting access to the folder-list template to minimize the risk of exploitation. Avoid using the Request.URL.Path variable in the affected template until the issue is resolved. There are no known workarounds for this vulnerability.