CVE-2025-9096 | ExpressGateway express-gateway up to 1.16.10 REST Endpoint lib/rest/routes/apps.js cross site scripting

A vulnerability classified as problematic has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-9096. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More