Security Advisory

CVE-2025-1087

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-09 11:37:49

Last updated 2025-09-17 13:48:50

Assigner Kong

State PUBLISHED

Description

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript execution in the context of the application.

← Browse all CVEs View on cve.org ↗