CVE-2025-6283 | xataio Xata Agent up to 0.3.0 route.ts GET passed path traversal

A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file apps/dbagent/src/app/api/evals/route.ts. The manipulation of the argument passed leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-6283. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More