-/10CrowdSec Score

Astro - XSS (CVE-2025-64525)

Published on13-11-2025

First seen on01-01-1970

Public ExploitCVSS 6.5/10Withastro - Astro

0Exploiting IPs reported

Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers `x-forwarded-proto` and `x-forwarded-port` are insecurely used, without sanitization, to build the URL. This has several consequences, the most important of which are: middleware-based protected route bypass (only via `x-forwarded-proto`), DoS via cache poisoning (if a CDN is present), SSRF (only via `x-forwarded-proto`), URL pollution (potential SXSS, if a CDN is present), and WAF bypass. Version 5.15.5 contains a patch.

Exploitation

Get real-time information about exploitation attempts and actors involved.

Detected IPs

Discover the IPs that targeted this vulnerability across the CrowdSec Network.

・

Common Weakness Enumeration (CWE)

Protection

Find out relevant information to protect your stack against this CVE.

Blocklist

With our advanced worldwide network detection, CrowdSec can provide a list of IPs known for exploiting the vulnerability.

To increase your protection against this CVE, block exploitation attempts with this list of identified actors.