nvd-json-data-feeds/CVE-2025/CVE-2025-251xx/CVE-2025-25190.json

{
  "id": "CVE-2025-25190",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2025-02-10T22:15:38.320",
  "lastModified": "2025-02-11T16:15:52.420",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ZOO-Project is an open source processing platform. The ZOO-Project Web Processing Service (WPS) Server contains a Cross-Site Scripting (XSS) vulnerability in its EchoProcess service prior to commit 7a5ae1a. The vulnerability exists because the EchoProcess service directly reflects user input in its output without proper sanitization when handling complex inputs.The service accepts various input formats including XML, JSON, and SVG, and returns the content based on the requested MIME type. When processing SVG content and returning it with the image/svg+xml MIME type, the server fails to sanitize potentially malicious JavaScript in attributes like onload, allowing arbitrary JavaScript execution in the victim's browser context. This vulnerability is particularly dangerous because it exists in a service specifically designed to echo back user input, and the lack of proper sanitization in combination with SVG handling creates a reliable XSS vector. Commit 7a5ae1a contains a fix for the issue."
    },
    {
      "lang": "es",
      "value": "ZOO-Project es una plataforma de procesamiento de c\u00f3digo abierto. El servidor del servicio de procesamiento web (WPS) de ZOO-Project contiene una vulnerabilidad de cross site scripting (XSS) en su servicio EchoProcess antes de el commit 7a5ae1a. La vulnerabilidad existe porque el servicio EchoProcess refleja directamente la entrada del usuario en su salida sin la depuraci\u00f3n adecuada al gestionar entradas complejas. El servicio acepta varios formatos de entrada, incluidos XML, JSON y SVG, y devuelve el contenido en funci\u00f3n del tipo MIME solicitado. Al procesar contenido SVG y devolverlo con el tipo MIME image/svg+xml, el servidor no puede limpiar el JavaScript potencialmente malicioso en atributos como onload, lo que permite la ejecuci\u00f3n arbitraria de JavaScript en el contexto del navegador de la v\u00edctima. Esta vulnerabilidad es particularmente peligrosa porque existe en un servicio dise\u00f1ado espec\u00edficamente para hacer eco de la entrada del usuario, y la falta de una depuraci\u00f3n adecuada en combinaci\u00f3n con la gesti\u00f3n de SVG crea un vector XSS confiable. El commit 7a5ae1a contiene una soluci\u00f3n para el problema."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security-advisories@github.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security-advisories@github.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/ZOO-Project/ZOO-Project/commit/7a5ae1a10faa2f9877d18ec72550dc23e8ce1aac",
      "source": "security-advisories@github.com"
    },
    {
      "url": "https://github.com/ZOO-Project/ZOO-Project/security/advisories/GHSA-2569-6r9f-j7jv",
      "source": "security-advisories@github.com"
    },
    {
      "url": "https://github.com/ZOO-Project/ZOO-Project/security/advisories/GHSA-2569-6r9f-j7jv",
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
    }
  ]
}