CSRF vulnerability in CIRCL Vulnerability-Lookup_CVE-2025-42620

8.3 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Description

In affected versions, vulnerability-lookup handled user-controlled
content in comments and bundles in an unsafe way, which could lead to
stored Cross-Site Scripting (XSS).

On the backend, the related_vulnerabilities field of bundles accepted
arbitrary strings without format validation or proper sanitization. On
the frontend, comment and bundle descriptions were converted from
Markdown to HTML and then injected directly into the DOM using string
templates and innerHTML. This combination allowed an attacker who could
create or edit comments or bundles to store crafted HTML/JavaScript
payloads which would later be rendered and executed in the browser of
any user visiting the affected profile page (user.html).

This issue affects Vulnerability-Lookup: before 2.18.0.

Basic Information

ID CVE-2025-42620

Source ENISA

Published Dec 8, 2025 at 12:15

Modified Dec 8, 2025 at 12:27

Affected Product

Vendor CIRCL

Product Vulnerability-Lookup

Affected Versions CIRCL Vulnerability-Lookup 0

CWE Classification

CWE-79

References

vulnerability.circl.lu /vuln/gcve-1-2025-0035

{
    "lastseen": "",
    "description": "In affected versions, vulnerability-lookup handled user-controlled \ncontent in comments and bundles in an unsafe way, which could lead to \nstored Cross-Site Scripting (XSS).\n\n\n\n\nOn the backend, the related_vulnerabilities field of bundles accepted \narbitrary strings without format validation or proper sanitization. On \nthe frontend, comment and bundle descriptions were converted from \nMarkdown to HTML and then injected directly into the DOM using string \ntemplates and innerHTML. This combination allowed an attacker who could \ncreate or edit comments or bundles to store crafted HTML/JavaScript \npayloads which would later be rendered and executed in the browser of \nany user visiting the affected profile page (user.html).\u00a0\n\n\n\n\n\n\n\nThis issue affects Vulnerability-Lookup: before 2.18.0.",
    "published": "2025-12-08T12:15:15.950Z",
    "modified": "2025-12-08T12:27:15.797Z",
    "type": "cve",
    "title": "CSRF vulnerability in CIRCL Vulnerability-Lookup",
    "source": "ENISA",
    "references": "https://vulnerability.circl.lu/vuln/gcve-1-2025-0035",
    "id": "CVE-2025-42620",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "CIRCL Vulnerability-Lookup 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Vulnerability-Lookup",
    "version": "0",
    "vendor": "CIRCL",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}