CVE-2025-32961 | cuba-platform jpawebapi up to 1.1.0 Header Content-Type cross site scripting (GHSA-hg25-w3vg-7279)
A vulnerability has been found in cuba-platform jpawebapi up to 1.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation of the argument Content-Type leads to cross site scripting.
This vulnerability is known as CVE-2025-32961. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.