CVE-2025-57665
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-10-17
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| element-plus | element-plus | up to and including 2.10.6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in CVE-2025-57665 affects the Element Plus Link component (el-link) up to and including version 2.10.6. It arises because the component passes user-controlled href values straight through to the underlying anchor (<a>) element without validating the URL scheme or otherwise sanitizing the URL. Because nothing checks the scheme, an attacker who controls the href value can supply dangerous schemes such as javascript:, data:, or file:, or point the link at an external malicious site. In applications that bind untrusted URL input to this component, this creates risks of Cross-Site Scripting (XSS), phishing, and open redirects. [1, 2]
How can this vulnerability impact me?
This vulnerability can impact you by enabling attackers to perform XSS attacks, which can execute malicious scripts in users' browsers, steal sensitive information, or hijack user sessions. It also allows phishing attacks by redirecting users to malicious websites, potentially leading to credential theft or malware infections. Open redirect exploits can undermine user trust and compromise application security, especially if your application uses the Element Plus Link component with user-controlled or untrusted URLs. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is detected by inspecting how the Element Plus Link component (el-link) is used in your application, specifically whether user-controlled or untrusted input reaches the href attribute without validation or sanitization. The referenced resources provide no network-level detection commands. Instead, audit your codebase for el-link usages and verify that every href value is sanitized before binding, and use the browser developer tools to inspect the anchor elements rendered by el-link for unsafe schemes such as 'javascript:', 'data:', or 'file:'. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include validating and sanitizing every URL assigned to the href attribute of the el-link component. Use a whitelist (allow-list) approach that permits only safe schemes such as 'http:' and 'https:'. For example, implement a sanitizeUrl function that parses the URL and returns a safe fallback (e.g., '#') whenever the URL is unsafe or malformed. Additionally, add rel="noopener noreferrer" to links to prevent tab-nabbing and related attacks. Review and follow the security warning added to the component's documentation. Do not rely on automatic filtering inside the component; enforce URL validation in your own application logic. [1, 2]
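The sanitizeUrl function described in the mitigation above, together with the audit check from the detection answer, as an added example. This is not code from Element Plus or from the advisory. It assumes a WHATWG URL implementation (Node.js or a browser); the allowed scheme list, the '#' fallback, the constructed base origin, and the optional host allow-list for the open-redirect case (CWE-601) are choices made here and go slightly beyond the scheme-only check the text describes.

```javascript
// Added example for CVE-2025-57665; not code from Element Plus or the advisory.
// Demonstrates (1) the allow-list URL sanitizer the mitigation describes,
// (2) an audit helper for the detection step, and (3) the rel hardening.
// Assumptions: WHATWG URL class available; SAFE_PROTOCOLS, SAFE_FALLBACK,
// RESOLVE_BASE and the allowedHosts option are choices made here.

const SAFE_PROTOCOLS = new Set(['http:', 'https:', 'mailto:']);
const SAFE_FALLBACK = '#';
// Constructed base; used only to resolve relative links so they can be inspected.
const RESOLVE_BASE = 'https://app.example.invalid/';
const BASE_ORIGIN = new URL(RESOLVE_BASE).origin;

// Classify a raw href value. Returns { safe, reason, parsed?, candidate? }.
function classifyHref(input) {
  if (typeof input !== 'string') return { safe: false, reason: 'not a string' };
  const candidate = input.trim();
  if (candidate === '') return { safe: false, reason: 'empty' };
  let parsed;
  try {
    // The WHATWG parser lowercases the scheme and drops embedded tabs/newlines,
    // so "JavaScript:" and "java\tscript:" both classify as "javascript:".
    parsed = new URL(candidate, RESOLVE_BASE);
  } catch (err) {
    return { safe: false, reason: 'malformed' };
  }
  if (!SAFE_PROTOCOLS.has(parsed.protocol)) {
    return { safe: false, reason: `disallowed scheme ${parsed.protocol}`, parsed };
  }
  return { safe: true, reason: 'ok', parsed, candidate };
}

// Allow-list sanitizer: returns the trimmed original href when it is safe,
// otherwise the fallback. Returning the original keeps relative paths relative.
function sanitizeUrl(input, options = {}) {
  const { allowedHosts = null } = options;
  const result = classifyHref(input);
  if (!result.safe) return SAFE_FALLBACK;
  const { parsed, candidate } = result;
  // Optional open-redirect guard (CWE-601): an http(s) link that leaves the
  // application's own origin must name a host on the allow-list. Comparing
  // parsed origins (rather than pattern-matching the string) also catches
  // protocol-relative "//host/..." and backslash "\\host\..." forms.
  if (allowedHosts && (parsed.protocol === 'http:' || parsed.protocol === 'https:')
      && parsed.origin !== BASE_ORIGIN && !allowedHosts.includes(parsed.hostname)) {
    return SAFE_FALLBACK;
  }
  return candidate;
}

// Attributes to bind onto el-link / <a>: sanitized href plus the rel hardening.
function safeLinkAttrs(href, options = {}) {
  const { target = '_self', allowedHosts = null } = options;
  return {
    href: sanitizeUrl(href, { allowedHosts }),
    target,
    rel: 'noopener noreferrer', // no window.opener access, no Referer leak
  };
}

// Audit helper for the detection step: given raw href attribute values
// (from the DOM or a template scan), return the ones that fail the check.
// In browser devtools you could feed it
//   [...document.querySelectorAll('a[href]')].map((a) => a.getAttribute('href'))
function findUnsafeHrefs(hrefs) {
  return hrefs
    .map((href) => ({ href, ...classifyHref(href) }))
    .filter((r) => !r.safe)
    .map(({ href, reason }) => ({ href, reason }));
}

// Constructed sample inputs, as a developer might see them during an audit.
const SAMPLE_HREFS = [
  'https://docs.example.invalid/guide',
  '/account/settings',
  'javascript:alert(1)',
  '  JavaScript:alert(1)  ',
  'data:text/html,<b>hi</b>',
  'file:///etc/hosts',
  'http://[',
  '//evil.example.invalid/login',
];

for (const href of SAMPLE_HREFS) {
  console.log(JSON.stringify(href), '->', JSON.stringify(sanitizeUrl(href)));
}
console.log('flagged:', findUnsafeHrefs(SAMPLE_HREFS));
```

In a Vue template the attributes object can be spread onto the component with `v-bind`, e.g. `<el-link v-bind="safeLinkAttrs(userUrl, { target: '_blank' })">`, so the raw user value never reaches the href prop. Note that without the allowedHosts option a protocol-relative `//evil.example.invalid/login` passes the scheme check (it resolves to https:), which is exactly the open-redirect gap the host allow-list closes.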