CVE-2025-55133

Description

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js.

PUBLISHED Reserved 2025-08-07 | Published 2025-08-07 | Updated 2025-08-08 | Assigner mitre

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Product status

References

github.com/agorafoundation/agora/pull/556

github.com/...ommit/b087490042cb131963b524d0f86511a63a7ff085

github.com/...ulnerability-research/tree/main/CVE-2025-55133

cve.org (CVE-2025-55133)

nvd.nist.gov (CVE-2025-55133)

Download JSON