CVE-2025-50977

MEDIUM

6.1

Beschreibung

A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute JavaScript code in the context of the application. The flaw can be exploited through GET requests to the summary endpoint as well as POST requests to specific Wicket interface endpoints, though the GET method provides easier weaponization. This vulnerability enables authenticated administrators to execute arbitrary client-side code, potentially leading to session hijacking, data theft, or further privilege escalation attacks.

CVE Details

CVSS v3.1 Bewertung6.1

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht8/27/2025

Zuletzt geandert9/9/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

gitblit:gitblit

Schwachen (CWE)

CWE-79

Referenzen

https://github.com/4rdr/proofs/blob/main/info/gitblit-v1.7.1-reflected-XSS-via-angularjs-expression.md(cve@mitre.org)

https://github.com/4rdr/proofs/blob/main/info/gitblit-v1.7.1-reflected-XSS-via-angularjs-expression.md(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.