Security Advisory

CVE-2025-52552

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-21 02:15:07

Last updated 2025-06-23 17:42:33

Assigner GitHub_M

State PUBLISHED

Description

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to attacker-controlled sites. This issue has been patched in version 4.9.12.

← Browse all CVEs View on cve.org ↗