PT-2026-29209 · Anon Proxy Server · Anon Proxy Server
Rafael Pedrero
·
Published
2026-03-31
·
Updated
2026-03-31
·
CVE-2025-41355
CVSS v4.0
5.1
Medium
| AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy Server
v0.104. This vulnerability allows an attacker to execute JavaScript code
in the victim's browser by sending him/her a malicious URL. This
vulnerability can be exploited to steal sensitive user data, such as
session cookies, or to perform actions on behalf of the user. It affects
'port' and 'proxyPort' parameters in '/anon.php' endpoint.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Anon Proxy Server