CVE-2025-50579
Last modified
CVE-2025-50579 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Jc21 | Nginx Proxy Manager | 2.12.3 |
References
- https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4509Issue Tracking, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-50579?
How severe is CVE-2025-50579?
How do I fix CVE-2025-50579?
Are you affected by CVE-2025-50579?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST