CVE-2025-11360 | jakowenko double-take up to 1.13.1 API api/src/app.js app.use X-Ingress-Path cross site scripting

A vulnerability labeled as problematic has been found in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting.

This vulnerability is identified as CVE-2025-11360. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More