CVE-2025-46096

UNKNOWN

Published 2025-06-13T00:00:00.000Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-46096. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

Not EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component

Affected Products (ENISA)

n/a

ENISA Scoring

CVSS Score (3.1)

6.1

/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.070

probability

ENISA References

https://github.com/opensolon/solon/issues/357

https://gist.github.com/yaoyao-cool/1b7d80930fea88b6fd4839646cedc437

https://nvd.nist.gov/vuln/detail/CVE-2025-46096

Data provided by ENISA EU Vulnerability Database. Last updated: June 13, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

Solon Vulnerable to Directory Traversal

GHSA-m63q-4hr8-5r5h

Advisory Details

Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component

Affected Packages

Maven org.noear:solon-faas-luffy

ECOSYSTEM: ≥3.1.2 <3.2.0

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-46096

WEB https://github.com/opensolon/solon/issues/357

WEB https://github.com/opensolon/solon/commit/49a3bf95fdcf050829843004b65a2b336ca6ddff

WEB https://gist.github.com/yaoyao-cool/1b7d80930fea88b6fd4839646cedc437

PACKAGE https://github.com/opensolon/solon

Advisory provided by GitHub Security Advisory Database. Published: June 13, 2025, Modified: June 13, 2025

References

https://github.com/opensolon/solon/issues/357

https://gist.github.com/yaoyao-cool/1b7d80930fea88b6fd4839646cedc437

Published: 2025-06-13T00:00:00.000Z

Last Modified: 2025-06-13T12:48:15.380Z

Copied to clipboard!

CVE-2025-46096

Expert Analysis

Description

Available Exploits

Related News

EU Vulnerability Database

EU Coordination

Exploitation Status

EUVD ID

ENISA Analysis

Affected Products (ENISA)

ENISA Scoring

CVSS Score (3.1)

EPSS Score

ENISA References

GitHub Security Advisories

Solon Vulnerable to Directory Traversal

Advisory Details

Affected Packages

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!