CVE-2025-13803 – MediaCrush Header paths.py http headers for scripting syntax

CVE ID : CVE-2025-13803

Published : Dec. 1, 2025, 3:15 a.m. | 1 hour, 9 minutes ago

Description : A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…