CVE-2025-67634

Medium CVSS: 4.6

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would execute in the context of the user's browser when the user submits the page (clicks 'Next').

Vendor

Cisa

Product

Software Acquisition Guide

CWE

CWE-79

Yayın Tarihi

2025-12-12 21:15:59

Güncelleme

2026-01-02 18:52:18

Source Identifier

9119a7d8-5eab-497f-8521-727c672e3725

KEV Date Added

Kategoriler

CWE-79 Software Acquisition Guide MEDIUM Cisa 2025

Referanslar

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-345-01.json https://www.cisa.gov/software-acquisition-guide/tool https://www.cve.org/CVERecord?id=CVE-2025-67634

Benzer Kayıtlar

Medium

CVE-2025-35436

CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An unauthenticated remote…

Medium

CVE-2025-35430

CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'…

Medium

CVE-2025-35431

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify L…

Medium

CVE-2025-35432

CISA Thorium does not rate limit requests to send account verification email messages. A remote unauthenticated attacker…

Low

CVE-2025-35433

CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An attacker that possesses a…

Low

CVE-2025-35434

CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An unauthenticated attacker with acces…