How severe is CVE-2025-32788?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2025-32788?

This is classified as CWE-290, which is a common weakness in software security.

CVE-2025-32788 - MEDIUM Severity | CVSS 4.3

Vulnerability Description

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0.

Related Vulnerabilities

CVE-2018-8383

MEDIUM

CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-...

CWE-2902018

CVE-2018-8388

MEDIUM

CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2...

CWE-2902018

CVE-2018-8425

MEDIUM

CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge.

CWE-2902018

CVE-2019-0608

MEDIUM

CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1357.

CWE-2902019

CVE-2019-1357

MEDIUM

CVSS:4.3(Medium)

A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0608.

CWE-2902019

CVE-2019-13701

MEDIUM

CVSS:4.3(Medium)

Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CWE-2902019