CRITICAL · CVE-2025-59053 · CVSS 9.7

AIRI's character card/chat UI is vulnerable to XSS and can lead to RCE


Platform: javascript

Component: stage-ui

Fixed in: 0.7.3

AI Confidence: high · NVD · EPSS 0.0% · Reviewed: May 2026

CVE-2025-59053 describes a critical cross-site scripting (XSS) vulnerability discovered in the AIRI Stage UI component. This flaw allows attackers to embed malicious HTML and JavaScript in card files, which the Stage UI then processes and renders directly in the user's browser, potentially leading to account takeover or data theft. The vulnerability affects versions 0.7.2-beta.2 and earlier, and a patch is available in version 0.7.2-beta.3.

Impact and Attack Scenarios

An attacker can exploit this XSS vulnerability by crafting a malicious card file containing JavaScript or HTML payloads. When a user processes this card file through the AIRI Stage UI, the injected code will be executed within the user's browser context. This can lead to a variety of attacks, including session hijacking, credential theft, redirection to phishing sites, and defacement of the user interface. The impact is particularly severe as the vulnerability allows for arbitrary client-side code execution, granting the attacker a high degree of control over the affected user's session. This vulnerability shares similarities with other XSS vulnerabilities where unsanitized user input is directly rendered into the DOM.

Exploitation Context

CVE-2025-59053 was publicly disclosed on 2025-09-11. No known active exploitation campaigns have been reported at the time of writing. There are currently no public proof-of-concept exploits available, but the vulnerability's nature makes it likely that such exploits will emerge. It is not listed on the CISA KEV catalog.

Who Is at Risk

Self-hosted AIRI deployments running versions 0.7.2-beta.2 or earlier are at immediate risk. Users who process card files from untrusted sources are particularly vulnerable. Shared hosting environments where multiple users share the same AIRI instance could experience widespread impact if one user is compromised.

Detection Steps

• javascript / web: Examine card files for suspicious HTML or JavaScript code. Use browser developer tools to inspect the DOM for unexpected script tags or event handlers.
• javascript / web: Monitor network traffic for requests containing unusual parameters or payloads.
• javascript / web: Review AIRI Stage UI logs for errors or anomalies related to Markdown processing.
• javascript / web: Use a static code analysis tool to scan the codebase for potential XSS vulnerabilities.

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: High

EPSS

0.04% (percentile 11%)

CISA SSVC

Exploitation: poc
Automatable: no
Technical Impact: total

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Base score: 9.7 CRITICAL
Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: None (level of authentication required)
User Interaction: Required (whether a victim action is required)
Scope: Changed (impact beyond the affected component)
Confidentiality: High (risk of sensitive data exposure)
Integrity: High (risk of unauthorised data modification)
Availability: High (risk of service interruption)
nextguardhq.com · CVSS v3.1 base score
What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
None: unauthenticated. No credentials required to exploit.
User Interaction
Required: the victim must open a file, click a link or visit a page.
Scope
Changed: the attack can pivot beyond the vulnerable component.
Confidentiality
High: total loss of confidentiality. The attacker can read all data.
Integrity
High: the attacker can write, modify or delete all data.
Availability
High: complete outage or resource exhaustion. Total denial of service.

Affected Software

Component: stage-ui
Vendor: moeru-ai
Affected range: = 0.7.2-beta.2 – = 0.7.2-beta.2
Fixed in: 0.7.3

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-59053 is to immediately upgrade to version 0.7.2-beta.3 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing input validation and output sanitization on the Markdown content before rendering it in the UI. While not a complete solution, this can help reduce the attack surface. Additionally, implement a Web Application Firewall (WAF) with rules to detect and block requests containing suspicious HTML or JavaScript payloads. Regularly scan your AIRI Stage UI deployment for vulnerabilities using automated security tools.
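One way to apply the output sanitisation recommended above, and to support the card-file review step from the detection section, as an added example that is not AIRI's own code: an allowlist HTML sanitiser run over the HTML produced from a card's Markdown before it is handed to the DOM. The card shape (a `description` field holding rendered HTML), the function names and the sample card are assumptions.

```javascript
// Added example, not AIRI's own code: an allowlist HTML sanitiser applied to the HTML
// produced from a card file's Markdown before it is handed to innerHTML / v-html.
// The card shape (a `description` field holding rendered HTML) is an assumption.
const ALLOWED_TAGS = new Set(['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'code', 'pre', 'a']);
const ALLOWED_ATTRS = { a: new Set(['href']) };           // everything else (onerror, style, ...) is dropped
const TAG_OR_LT = /<\/?([a-zA-Z][a-zA-Z0-9]*)([^>]*)>|</g; // a complete tag, or a lone '<'
const ATTR = /([a-zA-Z][\w:-]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;

function escapeHtml(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
          .replace(/"/g, '&quot;').replace(/'/g, '&#39;');
}

// Only plain web links survive; javascript:, data:, vbscript: URLs are rejected.
function safeHref(value) {
  const v = value.replace(/[\s\u0000-\u001f]/g, '').toLowerCase();
  return /^(https?:\/\/|\/|#)/.test(v);
}

function sanitizeHtml(html) {
  return html.replace(TAG_OR_LT, (match, name, rawAttrs) => {
    if (name === undefined) return '&lt;';                 // stray '<' becomes text
    const tag = name.toLowerCase();
    if (!ALLOWED_TAGS.has(tag)) return escapeHtml(match);  // unknown tag is shown as text, never parsed
    if (match.startsWith('</')) return `</${tag}>`;        // closing tags carry no attributes
    let attrs = '';
    for (const m of rawAttrs.matchAll(ATTR)) {
      const attr = m[1].toLowerCase();
      const value = m[2] ?? m[3] ?? m[4];
      if (!ALLOWED_ATTRS[tag]?.has(attr)) continue;
      if (attr === 'href' && !safeHref(value)) continue;
      attrs += ` ${attr}="${escapeHtml(value)}"`;
    }
    return `<${tag}${attrs}>`;
  });
}

// Vulnerable pattern: card HTML handed to the DOM untouched.
function renderCardUnsafe(card) { return card.description; }
// Hardened pattern: sanitise first; the returned string is what goes into innerHTML / v-html.
function renderCardSafe(card) { return sanitizeHtml(card.description); }
// Detection helper for the card-review step: anything the sanitiser would change is worth a look.
function cardNeedsReview(card) { return sanitizeHtml(card.description) !== card.description; }

// Constructed sample card (not a real AIRI card) carrying two classic XSS vectors.
const sampleCard = {
  description: '<p>Hi <b>there</b></p><img src=x onerror="alert(1)"><a href="javascript:alert(1)">x</a>',
};
```

The sanitiser is deliberately strict: any markup outside the small allowlist is rendered as visible text rather than parsed, so a card that trips `cardNeedsReview` may simply use rich formatting, but it should be inspected before being loaded.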

How to Fix

Update AIRI to version 0.7.2-beta.3 or later. This version fixes the XSS vulnerability and the possibility of remote code execution. Updating mitigates the risk of an attacker executing malicious code on your system.


Frequently Asked Questions

What is CVE-2025-59053 — XSS in AIRI Stage UI?

CVE-2025-59053 is a critical XSS vulnerability in AIRI Stage UI versions 0.7.2-beta.2 and prior, allowing attackers to inject malicious code via card files.

Am I affected by CVE-2025-59053 in AIRI Stage UI?

You are affected if you are running AIRI Stage UI version 0.7.2-beta.2 or earlier and process card files from untrusted sources.

How do I fix CVE-2025-59053 in AIRI Stage UI?

Upgrade to version 0.7.2-beta.3 or later to resolve the vulnerability. Consider input validation and WAF rules as temporary mitigations.

Is CVE-2025-59053 being actively exploited?

No active exploitation campaigns have been reported, but the vulnerability's nature makes exploitation likely.

Where can I find the official AIRI advisory for CVE-2025-59053?

Refer to the official AIRI project documentation and security advisories for the latest information.
