Platform: java
Component: cachecloud
Fixed versions: 3.0.1, 3.1.1, 3.2.1
CVE-2025-15221 describes a cross-site scripting (XSS) vulnerability discovered in SohuTV CacheCloud, affecting versions 3.0 through 3.2.0. This flaw resides within the AppDataMigrateController.java file and allows attackers to inject malicious scripts into the application. A public exploit is available, increasing the risk of exploitation. The vulnerability is addressed in version 3.2.1.
Successful exploitation of CVE-2025-15221 allows an attacker to inject arbitrary JavaScript code into the CacheCloud web interface. This could lead to session hijacking, defacement of the application, or redirection to malicious websites. The attacker could potentially steal sensitive user data or gain unauthorized access to backend systems if they have appropriate credentials. Given the availability of a public exploit, this vulnerability poses a significant risk, particularly for environments where user input is not properly sanitized.
CVE-2025-15221 has been publicly disclosed and a proof-of-concept exploit is available, indicating a higher probability of exploitation. The vulnerability was reported to the project but has not yet received a response, which could delay further mitigation efforts. The vulnerability was published on 2025-12-30. The LOW CVSS score reflects the relatively simple exploitation path and limited potential impact, but the public exploit significantly increases the risk.
Organizations utilizing SohuTV CacheCloud versions 3.0 through 3.2.0 are at risk. This includes those relying on CacheCloud for caching services and those with public-facing web interfaces. Shared hosting environments where multiple users share the same CacheCloud instance are particularly vulnerable, as an attacker could potentially exploit the vulnerability through another user's session.
• java / server: Monitor CacheCloud logs for unusual JavaScript execution patterns or suspicious URL parameters.
  grep -i 'script' /var/log/cachecloud/app.log
• generic web: Use curl to test the AppDataMigrateController endpoint with various payloads to identify XSS vulnerabilities.
  curl 'http://<cachecloud_ip>/AppDataMigrateController?param=<xss_payload>' -v
• generic web: Check response headers for signs of XSS, such as Content-Security-Policy (CSP) headers that are not properly configured.
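A decoded-query triage over access-log lines, added here as an example and not taken from the original page or the CacheCloud project: unlike `grep -i 'script'`, it restricts matches to the affected controller, undoes (double) percent-encoding, and also flags markup that never contains the word "script". The log line format, the sample lines and the `appdatamigrate` path hint (borrowed from the curl test above) are assumptions.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Assumption: the request target appears in quotes, as in common access-log formats.
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|DELETE|HEAD) (\S+) HTTP/[\d.]+"')
# Triage heuristic: markup that should not appear in a decoded query string.
MARKUP_RE = re.compile(r'<\s*/?\s*[a-z!]|javascript\s*:|\bon[a-z]+\s*=', re.I)
# Assumption: path fragment taken from the page's curl test; adjust to the real route.
ENDPOINT_HINT = "appdatamigrate"

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines, endpoint_hint=ENDPOINT_HINT):
    """Return (line_number, decoded_query) for requests to the endpoint whose
    decoded query string contains HTML or script markup."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if endpoint_hint not in target.path.lower():
            continue
        query = fully_decode(target.query)
        if MARKUP_RE.search(query):
            hits.append((number, query))
    return hits

# Constructed sample lines (not real CacheCloud logs).
SAMPLE_LOG = [
    '10.0.0.5 - - [30/Dec/2025:10:00:01 +0000] "GET /AppDataMigrateController?param=redis-cluster-01 HTTP/1.1" 200 512',
    '10.0.0.9 - - [30/Dec/2025:10:00:07 +0000] "GET /AppDataMigrateController?param=%253Cscript%253Eprobe%253C%252Fscript%253E HTTP/1.1" 200 530',
    '10.0.0.9 - - [30/Dec/2025:10:00:09 +0000] "GET /static/js/description.js?v=script HTTP/1.1" 200 90',
    '10.0.0.7 - - [30/Dec/2025:10:00:12 +0000] "GET /AppDataMigrateController?param=%3Cimg%20src%3Dx%20onerror%3Dprobe%3E HTTP/1.1" 200 540',
]

if __name__ == "__main__":
    for number, query in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {query}")
```

Hits are leads for review, not proof of exploitation: a benign parameter such as `online=1` also matches the event-handler pattern.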
disclosure
poc
Exploit status
EPSS
0.03% (9th percentile)
The primary mitigation for CVE-2025-15221 is to upgrade CacheCloud to version 3.2.1 or later, which contains the fix. If immediate upgrading is not possible, consider implementing input validation and output encoding on the affected AppDataMigrateController.java endpoint to sanitize user-supplied data. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide a temporary layer of protection. Thoroughly review and update any custom code interacting with the CacheCloud API to ensure proper input sanitization.
Upgrade CacheCloud to a version later than 3.2.0 that fixes the cross-site scripting (XSS) vulnerability. If no such version is available, review and sanitize user input in the index function of AppDataMigrateController.java to prevent malicious code injection.
CVE-2025-15221 is a cross-site scripting (XSS) vulnerability affecting SohuTV CacheCloud versions 3.0-3.2.0, allowing attackers to inject malicious scripts.
You are affected if you are using SohuTV CacheCloud versions 3.0, 3.1, or 3.2.0. Upgrade to 3.2.1 or later to mitigate the risk.
Upgrade to SohuTV CacheCloud version 3.2.1 or later. Implement input validation and output encoding as a temporary workaround.
Yes, a public exploit is available, indicating a potential for active exploitation.
Refer to the SohuTV CacheCloud project's official website or GitHub repository for updates and advisories related to CVE-2025-15221.