CVE-2025-15171
Unknown Unknown - Not Provided
Cross-Site Scripting in SohuTV CacheCloud ServerController

Publication date: 2025-12-29

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-29
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-12-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-15171
EUVD
EUVD-2025-205549
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sohutv cachecloud *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in SohuTV CacheCloud up to version 3.2.0, specifically in the index function of the ServerController.java file. It allows an attacker to perform cross-site scripting (XSS) attacks by manipulating this function. The vulnerability can be exploited remotely, and the exploit code is publicly available.


How can this vulnerability impact me? :

The vulnerability can lead to cross-site scripting attacks, which may allow attackers to inject malicious scripts into web pages viewed by other users. This can result in unauthorized actions performed on behalf of users, theft of sensitive information, or session hijacking. Since remote exploitation is possible, attackers can exploit this vulnerability without physical access.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending crafted HTTP requests to the vulnerable /server/index endpoint with malicious payloads in the 'ip' parameter and observing if the payload is reflected and executed in the response. For example, you can use curl or Python requests to send a POST request with a payload that includes JavaScript code in the 'ip' parameter. A sample curl command to test might be: curl -X POST -d 'ip=X" tabindex="1" AuTOFocus ONFocUs=alert("zast-xss")//' -d 'date=' http://target-url/server/index -v. If the response contains the injected script without proper encoding, the vulnerability is present. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding use of the affected CacheCloud version up to 3.2.0, as no official patches or fixes are available. Consider replacing the affected product or disabling access to the vulnerable /server/index endpoint to prevent exploitation. Additionally, implement web application firewall (WAF) rules to detect and block malicious payloads targeting the 'ip' parameter. Educate users to be cautious of suspicious links that might exploit this XSS vulnerability. [1, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart