CVE-2025-15203
Unknown Unknown - Not Provided
Remote XSS in SohuTV CacheCloud ResourceController Index Function

Publication date: 2025-12-29

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-29
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-12-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-15203
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sohutv cachecloud 3.2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in SohuTV CacheCloud up to version 3.2.0, specifically in the index function of the ResourceController.java file. It allows an attacker to perform cross-site scripting (XSS) attacks by manipulating inputs. The attack can be initiated remotely, and the exploit has been made public.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending crafted HTTP requests to the vulnerable endpoint `/manage/app/resource/index` with malicious payloads in parameters such as `searchName` or `tabTag` and observing if the payload is reflected and executed in the response. For example, using curl or a similar tool, you can send a POST request with a payload designed to trigger an alert dialog via XSS. A sample curl command might be: curl -X POST 'http://<target>/manage/app/resource/index' -d 'searchName=X" tabindex="1" autOfOCus ONfocUs=alert("zast-xss")//' -H 'Content-Type: application/x-www-form-urlencoded' If the response contains the injected script and it executes in a browser, the vulnerability is present. Monitoring web server logs for suspicious requests with script-like payloads in these parameters can also help detect exploitation attempts. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding use of the vulnerable CacheCloud version (up to 3.2.0) and considering replacing it with an alternative product, as no official patch or response has been provided. Additionally, you can implement web application firewall (WAF) rules to block or sanitize requests containing suspicious script payloads targeting the `/manage/app/resource/index` endpoint. Educate users to avoid clicking on suspicious links that might exploit this XSS vulnerability. Ultimately, applying proper output encoding or input sanitization in the application code for parameters like `searchName` and `tabTag` is required to fully fix the issue, but since no fix is available yet, these steps serve as immediate mitigations. [3]


How can this vulnerability impact me? :

The vulnerability can lead to cross-site scripting attacks, which may allow attackers to execute malicious scripts in the context of a user's browser. This can result in unauthorized actions, such as session hijacking or defacement, potentially compromising user trust and security.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart