CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-56200

A URL validation bypass vulnerability exists in validator.js through version 13.15.15. The isURL() function uses '://' as a delimiter to parse protocols, while browsers use ':' as the delimiter. This parsing difference allows attackers to bypass protocol and domain validation by crafting URLs leading to XSS and Open Redirect attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.9%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2025-56200

Validator Project » Validator » Version: 0.5.0

cpe:2.3:a:validator_project:validator:0.5.0
Validator Project » Validator » Version: 1.0.0

cpe:2.3:a:validator_project:validator:1.0.0
Validator Project » Validator » Version: 1.1.0

cpe:2.3:a:validator_project:validator:1.1.0
Validator Project » Validator » Version: 1.1.2

cpe:2.3:a:validator_project:validator:1.1.2
Validator Project » Validator » Version: 1.2.0

cpe:2.3:a:validator_project:validator:1.2.0
Validator Project » Validator » Version: 1.2.1

cpe:2.3:a:validator_project:validator:1.2.1
Validator Project » Validator » Version: 1.2.2

cpe:2.3:a:validator_project:validator:1.2.2
Validator Project » Validator » Version: 1.3.0

cpe:2.3:a:validator_project:validator:1.3.0
Validator Project » Validator » Version: 1.4.0

cpe:2.3:a:validator_project:validator:1.4.0
Validator Project » Validator » Version: 1.5.0

cpe:2.3:a:validator_project:validator:1.5.0
Validator Project » Validator » Version: 1.5.1

cpe:2.3:a:validator_project:validator:1.5.1
Validator Project » Validator » Version: 2.0.0

cpe:2.3:a:validator_project:validator:2.0.0
Validator Project » Validator » Version: 2.1.0

cpe:2.3:a:validator_project:validator:2.1.0
Validator Project » Validator » Version: 3.0.0

cpe:2.3:a:validator_project:validator:3.0.0
Validator Project » Validator » Version: 3.1.0

cpe:2.3:a:validator_project:validator:3.1.0
Validator Project » Validator » Version: 3.10.0

cpe:2.3:a:validator_project:validator:3.10.0
Validator Project » Validator » Version: 3.11.0

cpe:2.3:a:validator_project:validator:3.11.0
Validator Project » Validator » Version: 3.11.1

cpe:2.3:a:validator_project:validator:3.11.1
Validator Project » Validator » Version: 3.11.2

cpe:2.3:a:validator_project:validator:3.11.2
Validator Project » Validator » Version: 3.12.0

cpe:2.3:a:validator_project:validator:3.12.0
Validator Project » Validator » Version: 3.13.0

cpe:2.3:a:validator_project:validator:3.13.0
Validator Project » Validator » Version: 3.14.0

cpe:2.3:a:validator_project:validator:3.14.0
Validator Project » Validator » Version: 3.14.1

cpe:2.3:a:validator_project:validator:3.14.1
Validator Project » Validator » Version: 3.15.0

cpe:2.3:a:validator_project:validator:3.15.0
Validator Project » Validator » Version: 3.2.0

cpe:2.3:a:validator_project:validator:3.2.0
Validator Project » Validator » Version: 3.2.1

cpe:2.3:a:validator_project:validator:3.2.1
Validator Project » Validator » Version: 3.3.0

cpe:2.3:a:validator_project:validator:3.3.0
Validator Project » Validator » Version: 3.4.0

cpe:2.3:a:validator_project:validator:3.4.0
Validator Project » Validator » Version: 3.5.0

cpe:2.3:a:validator_project:validator:3.5.0
Validator Project » Validator » Version: 3.5.1

cpe:2.3:a:validator_project:validator:3.5.1
Validator Project » Validator » Version: 3.6.0

cpe:2.3:a:validator_project:validator:3.6.0
Validator Project » Validator » Version: 3.7.0

cpe:2.3:a:validator_project:validator:3.7.0
Validator Project » Validator » Version: 3.8.0

cpe:2.3:a:validator_project:validator:3.8.0
Validator Project » Validator » Version: 3.9.0

cpe:2.3:a:validator_project:validator:3.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-56200

Products

Pricing

Contact Us