CVE-2025-53834 – Caido Toast UI Component Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53834

Published : July 14, 2025, 11:15 p.m. | 1 hour, 15 minutes ago

Description : Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…