How severe is CVE-2025-32379?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2025-32379?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2025-32379

MEDIUM Year: 2025

CVSS v3 Score

5.0

Medium

Weakness Type

CWE-79

View all →

Vulnerability Description

Koa is expressive middleware for Node.js using ES2017 async functions. In koa < 2.16.1 and < 3.0.0-alpha.5, passing untrusted user input to ctx.redirect() even after sanitizing it, may execute javascript code on the user who use the app. This issue is patched in 2.16.1 and 3.0.0-alpha.5.

CVE-2017-18783

MEDIUM

CVSS:5.0(Medium)

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1....

CWE-792017

CVE-2017-18784

MEDIUM

CVSS:5.0(Medium)

Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0...

CWE-792017

CVE-2019-1677

MEDIUM

CVSS:5.0(Medium)

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. The vulnerability is due to insuffi...

CWE-792019