CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/NginxProxyManager/nginx-proxy-manager	Product
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4509	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jc21:nginx_proxy_manager:2.12.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-08-19 15:15

Updated : 2025-09-24 16:57

NVD link : CVE-2025-50579

Mitre link : CVE-2025-50579

CVE.ORG link : CVE-2025-50579

JSON object : View

Products Affected

jc21

nginx_proxy_manager

CWE

CWE-1259

Improper Restriction of Security Token Assignment

{"id": "CVE-2025-50579", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-08-19T15:15:28.160", "references": [{"url": "https://github.com/NginxProxyManager/nginx-proxy-manager", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4509", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-1259"}]}], "descriptions": [{"lang": "en", "value": "A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application."}, {"lang": "es", "value": "Una configuraci\u00f3n incorrecta de CORS en Nginx Proxy Manager v2.12.3 permite que dominios no autorizados accedan a datos confidenciales, en particular tokens JWT, debido a una validaci\u00f3n incorrecta del encabezado Origin. Esta configuraci\u00f3n incorrecta permite a los atacantes interceptar tokens mediante un simple script del navegador y exfiltrarlos a un servidor remoto controlado por el atacante, lo que podr\u00eda provocar acciones no autorizadas dentro de la aplicaci\u00f3n."}], "lastModified": "2025-09-24T16:57:12.773", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jc21:nginx_proxy_manager:2.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD9AA809-0B52-4788-A88F-B7B9FEFC60D0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}