CVE-2025-10234
BaseFortify

Publication date: 2025-09-11

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /data_point_edit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-09-11
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-09-11
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
scada-lts | scada-lts | up to 2.7.8.1 (inclusive)
CWE ID | Description
CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-10234 is a stored cross-site scripting (XSS) vulnerability in Scada-LTS versions up to 2.7.8.1, specifically in the Data Point Edit module. It occurs because user input in the Text Renderer properties, such as the suffix or Data Point Name field, is not properly sanitized before being rendered back in the web interface. An attacker with authentication can inject malicious JavaScript code that gets stored and later executed in the browsers of users who view the affected page, enabling actions like session hijacking or webpage defacement. [1, 2, 3]


How can this vulnerability impact me?

This vulnerability can lead to persistent execution of arbitrary JavaScript in the browsers of SCADA system operators or users, potentially resulting in session hijacking, account takeover, data theft, and webpage defacement. In critical SCADA/Industrial Control System environments, this could compromise operator consoles and affect system integrity. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for malicious or unexpected JavaScript injected through the Data Point Edit module, specifically in the Text Renderer properties or Data Point Name fields of the /data_point_edit.shtm page. Since exploitation requires authentication, detection involves reviewing inputs to these fields for suspicious payloads such as <img src=x onerror=alert(1)>. Approaches include running web application scanners that identify stored XSS vulnerabilities, or manually inspecting HTTP requests and responses involving the Data Point Edit page: for example, using curl or wget to fetch the page and grep for suspicious scripts, or employing tools like OWASP ZAP or Burp Suite to scan for XSS in authenticated sessions. However, no specific commands are provided in the resources. [1, 2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the Data Point Edit module to trusted users only, enforcing strong authentication and authorization controls, and avoiding the use of the vulnerable Scada-LTS versions up to 2.7.8.1. Additionally, input sanitization and output escaping should be implemented server-side to neutralize dangerous characters in user inputs, such as using JSP <c:out> tags instead of raw output, and avoiding unsafe DOM APIs like innerHTML in favor of safer alternatives like textContent or sanitizers such as DOMPurify. Since no vendor patch or official fix is available, consider replacing or upgrading the affected module or product. Monitoring for suspicious activity and educating users about the risk of XSS attacks are also recommended. [2, 3]
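
The field review from the detection answer and the output escaping from the mitigation answer, combined in one added example (not code from Scada-LTS or from the referenced resources). The record shape (`id`, `name`, `textRenderer.suffix`), the function names and the sample data points are assumptions constructed for illustration; `escapeHtml` escapes the same five characters that JSP `<c:out>` escapes by default.

```javascript
// Added example: audit stored data point text fields for markup, then render them escaped.
// Record shape and sample data are constructed; this is not the Scada-LTS schema.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that JSP <c:out> neutralizes by default.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Patterns that have no place in a data point name or unit suffix.
const SUSPICIOUS = [
  { rule: 'html-tag', re: /<\s*\/?\s*[a-z][^>]*>?/i },
  { rule: 'event-handler', re: /\bon[a-z]+\s*=/i },
  { rule: 'script-url', re: /javascript\s*:/i },
];

// Return one finding per (data point, field, rule) that matches.
function auditDataPoints(points) {
  const findings = [];
  for (const p of points) {
    const fields = { name: p.name, suffix: p.textRenderer && p.textRenderer.suffix };
    for (const [field, value] of Object.entries(fields)) {
      if (typeof value !== 'string') continue;
      for (const { rule, re } of SUSPICIOUS) {
        if (re.test(value)) findings.push({ id: p.id, field, rule });
      }
    }
  }
  return findings;
}

// Hardened rendering: value and suffix are both escaped before reaching the page.
function renderValue(point, value) {
  const suffix = (point.textRenderer && point.textRenderer.suffix) || '';
  return `<span class="dp-value">${escapeHtml(value)}${escapeHtml(suffix)}</span>`;
}

// Constructed sample records: two benign, one carrying the payload quoted above.
const SAMPLE_POINTS = [
  { id: 1, name: 'Boiler temp', textRenderer: { suffix: ' °C' } },
  { id: 2, name: 'Flow < 5 l/min', textRenderer: { suffix: ' l/min' } },
  { id: 3, name: 'Pump 3', textRenderer: { suffix: '<img src=x onerror=alert(1)>' } },
];

console.log(auditDataPoints(SAMPLE_POINTS));
console.log(renderValue(SAMPLE_POINTS[2], 42));
```

The pattern audit is a triage aid for values already stored; the benign `Flow < 5 l/min` name shows why it looks for tag and handler syntax rather than a bare `<`, and escaping at output remains the actual fix.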

