SohuTV CacheCloud RedisConfigTemplateController.java preview cross site scripting_CVE-2025-15172

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2025-15172

Source VulDB

Published Dec 29, 2025 at 04:32

Affected Product

Vendor SohuTV

Product CacheCloud

Version 3.0

Affected Versions SohuTV CacheCloud 3.0
SohuTV CacheCloud 3.1
SohuTV CacheCloud 3.2.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2025-12-29T04:32:08.554Z",
    "modified": "2025-12-29T04:32:08.554Z",
    "type": "cve",
    "title": "SohuTV CacheCloud RedisConfigTemplateController.java preview cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.338557\nhttps://vuldb.com/?ctiid.338557\nhttps://vuldb.com/?submit.716306\nhttps://github.com/sohutv/cachecloud/issues/368\nhttps://github.com/sohutv/cachecloud/issues/368#issue-3733556724",
    "id": "CVE-2025-15172",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "SohuTV CacheCloud 3.0\nSohuTV CacheCloud 3.1\nSohuTV CacheCloud 3.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CacheCloud",
    "version": "3.0",
    "vendor": "SohuTV",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}