Platform: java
Component: cachecloud
Fixed in: 3.0.1, 3.1.1, 3.2.1
CVE-2025-15200 describes a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0 through 3.2.0. This flaw allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to data theft or session hijacking. The vulnerability resides within the getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex functions. A patch is available in version 3.2.1.
Successful exploitation of CVE-2025-15200 allows an attacker to execute arbitrary JavaScript code within the context of a victim's browser session. This can be leveraged to steal sensitive information such as cookies, session tokens, and personal data. An attacker could also redirect users to malicious websites or deface the application. The remote nature of the vulnerability means it can be exploited without requiring local access to the system. Given the public availability of an exploit, the risk of immediate exploitation is elevated.
The vulnerability is publicly disclosed and an exploit is already available, increasing the likelihood of exploitation. It was added to the NVD database on 2025-12-29. The project maintainers have not yet responded to the issue report, which could indicate a lack of active support or a delayed response to security concerns. The EPSS score is likely medium due to the public exploit and lack of immediate response from the vendor.
Organizations utilizing SohuTV CacheCloud in their infrastructure, particularly those running versions 3.0 through 3.2.0, are at risk. Shared hosting environments where multiple users share the same CacheCloud instance are particularly vulnerable, as an attacker could potentially compromise other users' sessions.
• linux / server: Monitor access logs for suspicious requests targeting getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex with unusual parameters. Use grep to search for XSS payloads in these logs.
grep -i '<script' /var/log/apache2/access.log | grep 'getExceptionStatisticsByClient'
• generic web: Use curl to test the vulnerable endpoints with various XSS payloads and observe the response for signs of script execution.
curl -X GET 'http://<cachecloud_ip>/<vulnerable_endpoint>?param=<script>alert(1)</script>' -s
• java: Examine the application's source code for the getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex function to identify potential weaknesses in input validation or output encoding.
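The grep above matches only a literal `<script`, so percent-encoded or double-encoded payloads in the access log are missed. As an added example (not part of the original advisory or the CacheCloud project), this scanner decodes the query string before matching; it assumes the handler names appear in the request path, and the log lines, paths and `param` name are constructed.

```python
import re
from urllib.parse import unquote_plus

# Handler names taken from the advisory; assumed to appear in the request
# path, which is the same assumption the grep check makes.
ENDPOINTS = ("getExceptionStatisticsByClient", "getCommandStatisticsByClient", "doIndex")
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Any HTML tag opener that is visible once the value has been decoded.
MARKUP_RE = re.compile(r"<\s*[a-z/!]", re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_requests(lines):
    """Return (line_number, decoded_query) for requests worth reviewing."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path, _, query = match.group(1).partition("?")
        if not any(name in path for name in ENDPOINTS):
            continue
        decoded = fully_decode(query)
        if MARKUP_RE.search(decoded):
            hits.append((number, decoded))
    return hits


# Constructed sample log lines (paths and the "param" name are placeholders).
SAMPLE_LOG = [
    '198.51.100.7 - - [29/Dec/2025:10:00:01 +0000] "GET /example/getExceptionStatisticsByClient?param=<script>alert(1)</script> HTTP/1.1" 200 512',
    '198.51.100.7 - - [29/Dec/2025:10:00:02 +0000] "GET /example/getCommandStatisticsByClient?param=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512',
    '198.51.100.7 - - [29/Dec/2025:10:00:03 +0000] "GET /example/doIndex?param=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 512',
    '203.0.113.9 - - [29/Dec/2025:10:00:04 +0000] "GET /example/getExceptionStatisticsByClient?param=10.0.0.5 HTTP/1.1" 200 512',
    '203.0.113.9 - - [29/Dec/2025:10:00:05 +0000] "GET /example/other?param=%3Cscript%3E HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for number, query in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {query}")
```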
EPSS: 0.07% (22nd percentile)
The primary mitigation for CVE-2025-15200 is to upgrade SohuTV CacheCloud to version 3.2.1 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing input validation and output encoding on the affected functions (getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex) to sanitize user-supplied data. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. After upgrading, verify the fix by attempting to inject a simple XSS payload into the vulnerable endpoints and confirming that it is properly neutralized.
Upgrade CacheCloud to a version later than 3.2.0 that fixes the XSS vulnerability. If no such version is available, review and sanitize user input in the getExceptionStatisticsByClient, getCommandStatisticsByClient and doIndex functions of the AppClientDataShowController.java file to prevent injection of malicious code.
CVE-2025-15200 is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud versions 3.0-3.2.0, allowing attackers to inject malicious scripts.
You are affected if you are running SohuTV CacheCloud versions 3.0, 3.1, or 3.2.0. Upgrade to 3.2.1 or later to mitigate the risk.
Upgrade SohuTV CacheCloud to version 3.2.1 or later. Implement input validation and output encoding as a temporary workaround.
Yes, a public exploit is available, indicating a high probability of active exploitation.
Refer to the SohuTV CacheCloud project's official website or security advisory page for the latest information.