Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-62613 PoC — vdo.ninja 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-62613.yaml
Associated Vulnerability
Title:vdo.ninja 跨站脚本漏洞 (CVE-2025-62613)
Description:vdo.ninja是Steve Seguin个人开发者的一个远程视频输入工具。 vdo.ninja 28.0版本至28.4之前版本存在跨站脚本漏洞,该漏洞源于对examples/control.html中room参数清理不当,可能导致反射型跨站脚本攻击。
Description
VDO.Ninja 28.0 to 28.3 contains a reflected XSS caused by improper sanitization of the room parameter in examples/control.html, letting remote attackers execute scripts, exploit requires crafted URL.
File Snapshot

 id: CVE-2025-62613

info:
  name: VDO.Ninja - DOM-Based Cross-Site Scripting
  author: 0x_Akoko
  se

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.