Platform
java
Component
javasec
Fixed in
3.0.1
A cross-site scripting (XSS) vulnerability has been identified in aitangbao springboot-manager version 3.0. It arises from improper handling of file names in the /sysFiles/upload component, allowing attackers to inject malicious scripts. Affected version: 3.0. A fix is available in version 3.0.1.
The vulnerability allows an attacker to inject arbitrary JavaScript into the application by manipulating the 'name' parameter when uploading files to the /sysFiles/upload endpoint. Successful exploitation could lead to session hijacking, defacement of the application, or redirection to malicious websites; the attacker could potentially steal sensitive user data or gain unauthorized access to the system. As a cross-site scripting flaw, it belongs to a common class of attacks against web applications, and the injected script runs when a user interacts with the affected page.
The vulnerability has been publicly disclosed. Its estimated probability of exploitation is low (EPSS score in the LOW range), because user interaction is required to trigger the XSS payload. No active campaigns or CISA KEV listing were associated with this CVE as of the publication date. The vulnerability was disclosed on 2025-03-11.
Exploit Status
EPSS
0.09% (25th percentile)
The primary mitigation is to upgrade to springboot-manager version 3.0.1, which addresses the vulnerability. If an immediate upgrade is not feasible, implement server-side validation and sanitization of the 'name' parameter in the /sysFiles/upload endpoint so that only safe file names are accepted and stored. A Web Application Firewall (WAF) can additionally be configured to block upload requests whose file name contains HTML markup or other script-like patterns. Regularly review and update security policies to prevent similar vulnerabilities in the future.
Update to a patched version of springboot-manager that resolves the cross-site scripting (XSS) vulnerability in file upload. If upgrading is not possible, review and sanitize file name inputs in the /sysFiles/upload endpoint to prevent malicious code injection, and enforce robust server-side validation so that only safe file names reach storage and later rendering.
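The following is an added illustration of the two server-side controls the mitigation text describes (strict validation of the client-supplied name on upload, and HTML escaping of the stored name wherever it is rendered). It is not code from the springboot-manager project and does not show its actual fix; the class name, the character whitelist, the extension list, the 100-character limit and the sample names are all assumptions chosen for the example. It is plain Java with no Spring dependency so it can be compiled and run on its own.

```java
import java.util.regex.Pattern;

public class UploadNameSanitizer {

    // Hypothetical policy: a plain base name of letters, digits, dot, dash, underscore,
    // starting with a letter or digit, at most 100 characters in total.
    private static final Pattern SAFE_NAME =
            Pattern.compile("^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$");

    // Hypothetical allow-list of extensions the upload endpoint is meant to accept.
    private static final Pattern ALLOWED_EXT =
            Pattern.compile("(?i)\\.(pdf|png|jpg|jpeg|txt)$");

    /**
     * Returns a safe base name derived from the client-supplied 'name' value,
     * or null if the value must be rejected. Rejecting (rather than silently
     * rewriting) keeps the server from storing anything that fails the policy.
     */
    public static String validateName(String clientName) {
        if (clientName == null || clientName.isEmpty()) {
            return null;
        }
        // Drop any directory component the client sent, on either separator style.
        String base = clientName.replace('\\', '/');
        base = base.substring(base.lastIndexOf('/') + 1);
        if (base.isEmpty() || base.equals(".") || base.equals("..")) {
            return null;
        }
        // Whitelist check: this rejects <, >, ", ', &, spaces and control characters,
        // so no HTML or attribute-breaking characters can be stored in the name.
        if (!SAFE_NAME.matcher(base).matches()) {
            return null;
        }
        if (!ALLOWED_EXT.matcher(base).find()) {
            return null;
        }
        return base;
    }

    /**
     * Output encoding for the HTML element context: escapes the five characters that
     * are significant in HTML. Used as defence in depth when a stored name (including
     * legacy names saved before validation existed) is rendered in a page.
     */
    public static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#x27;"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one benign name, one path-traversal style name,
        // and two names carrying HTML markup of the kind the advisory describes.
        String[] samples = {
            "report.pdf",
            "../../some/dir/notes.txt",
            "photo<script>x</script>.png",
            "\" onmouseover=x y.txt"
        };
        for (String s : samples) {
            String v = validateName(s);
            System.out.printf("%-32s -> %s%n", s,
                    v == null ? "REJECTED" : "accepted as " + v);
        }
        // A name that slipped into storage before validation is still rendered inertly.
        System.out.println(escapeHtml("photo<script>x</script>.png"));
    }
}
```

Running `main` shows that only `report.pdf` and the base name `notes.txt` are accepted, the two markup-bearing names are rejected, and the escaped legacy name prints as `photo&lt;script&gt;x&lt;/script&gt;.png`. In a Spring controller the `validateName` call would sit before the file is persisted and `escapeHtml` (or the template engine's own escaping) at every point the stored name is written into HTML; the two controls are independent, so neither should be dropped because the other exists.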
CVE-2025-2208 is a cross-site scripting (XSS) vulnerability in aitangbao springboot-manager version 3.0, affecting file uploads and potentially allowing attackers to inject malicious scripts.
If you are using springboot-manager version 3.0 and haven't upgraded, you are potentially affected. Assess your usage of the /sysFiles/upload endpoint.
Upgrade to version 3.0.1. If immediate upgrade isn't possible, implement input validation and consider a WAF.
Currently, there's no confirmed active exploitation, but the vulnerability is publicly disclosed and could be exploited.
Refer to the aitangbao project's official channels and security advisories for the most up-to-date information regarding CVE-2025-2208.