Vulnerability Details CVE-2025-11146
Reflected Cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts (XSS) in the web management application. The vulnerability is caused by improper handling of GET inputs included in the URL in “/acng-report.html”.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.6%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2025-11146
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3.2-1