Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2025-27888

CWE-79 — Cross-site Scripting (XSS)CWE-601 — Open Redirect CWE-918 — Server-Side Request Forgery (SSRF)5 documents5 sources

Severity

5.8MEDIUM

EPSS

1.0%

top 23.62%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apache Software Foundation Apache Druid Apache Druid

Timeline

PublishedMar 20

Description

Severity: medium (5.8) / important Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the Druid management proxy, a request that has a specially crafted URL could be used to redirect the request to an arbitrary server instead. This has the potential for XSS or XSRF. The user is requ…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Packages3 packages

▶NVDapache/druid< 31.0.2

▶Mavenorg.apache.druid:druid32.0.0 — 32.0.1+1

▶CVEListV5apache_software_foundation/apache_druid< 31.0.2+1

🔴Vulnerability Details

GHSA

Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect↗2025-03-20

▶

CVEList

Apache Druid: Server-Side Request Forgery and Cross-Site Scripting↗2025-03-20

▶

OSV

Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect↗2025-03-20

▶

💥Exploits & PoCs

Nuclei

Apache Druid - Server-Side Request Forgery

▶