Security Advisory

CVE-2025-54423

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-28 19:53:24

Last updated 2025-07-28 20:20:15

Assigner GitHub_M

State PUBLISHED

Description

copyparty is a portable file server. In versions up to and including versions 1.18.4, an unauthenticated attacker is able to execute arbitrary JavaScript code in a victims browser due to improper sanitization of multimedia tags in music files, including m3u files. This is fixed in version 1.18.5.

← Browse all CVEs View on cve.org ↗