CVE-2025-65442
DOM-Based XSS in 201206030 Novel V3.5.0 Book Comments
Publication date: 2025-12-29
Last updated on: 2025-12-29
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| novel | 201206030 | 3.5.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a DOM-based Cross-Site Scripting (XSS) issue in the 201206030 novel V3.5.0 software. It allows remote attackers to execute arbitrary JavaScript code or disclose sensitive information such as user session cookies. The problem occurs because user input from the "wvstest" URL parameter, or a malicious script injected into window.localStorage, is not properly validated or encoded. The unfiltered input is stored in the backend database and then rendered directly into the page DOM by Vue 3's v-html directive without sanitization, which lets attackers bypass browser XSS filters and execute harmful scripts.
How can this vulnerability impact me?
This vulnerability can allow attackers to execute arbitrary JavaScript code in the context of the affected website, potentially leading to theft of sensitive information such as user session cookies. This can result in account hijacking, unauthorized actions on behalf of users, data disclosure, and other malicious activities that compromise the security and privacy of users and the application.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This DOM-based XSS vulnerability allows attackers to execute arbitrary JavaScript and potentially steal sensitive information such as user session cookies. Such unauthorized disclosure and compromise of user data can lead to violations of data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches. Therefore, the vulnerability negatively impacts compliance by exposing user data to risk of theft and misuse. [3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for unfiltered user input in the book comment module, especially in the 'commentContent' field stored in the backend database and rendered via Vue 3's v-html directive without sanitization. You can test by submitting crafted payloads such as <script>alert(document.cookie)</script> in the comment textarea (id="txtComment") and observing if the script executes upon page reload. Additionally, inspect the localStorage entries with keys like 'book_comment_{bookId}' for malicious scripts. Example commands include using browser developer tools' console to check localStorage: localStorage.getItem('book_comment_{bookId}'), and using curl or similar tools to fetch API responses from /api/book/comment/list?bookId={bookId} to see if malicious content is returned unfiltered. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper input validation and sanitization on the backend to filter or encode user-submitted comments before storing them in the database. On the frontend, avoid rendering untrusted content using Vue 3's v-html directive without sanitization. Instead, use safe rendering methods or sanitize the HTML before insertion. Additionally, clear or validate localStorage entries related to book comments to prevent malicious scripts from persisting. Restrict user permissions to limit who can submit comments, and consider deploying Content Security Policy (CSP) headers to reduce the impact of XSS attacks. [3]
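The detection and mitigation answers above can be combined into one audit script. This is an added example, not code from the affected project: it flags commentContent values and book_comment_* localStorage entries that v-html would parse as HTML, and shows the encoded form that renders as text. The response shape, the sample data and all function names are assumptions.

```javascript
// Added example (not project code). Assumed response shape: { data: [{ id, commentContent }] }.
// The page names only the endpoint, the commentContent field and the localStorage key pattern.

// A tag-like sequence: "<" or "</" followed directly by a letter or "!", up to ">".
const TAG_LIKE = /<\/?[a-z!][^>]*>/i;

// Encode the five HTML-significant characters so the value renders as text.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Return the ids of comments whose commentContent would be parsed as HTML by v-html.
function auditComments(apiResponse) {
  const rows = Array.isArray(apiResponse && apiResponse.data) ? apiResponse.data : [];
  return rows
    .filter((row) => typeof row.commentContent === 'string' && TAG_LIKE.test(row.commentContent))
    .map((row) => row.id);
}

// Return the book_comment_* keys of a localStorage dump (plain object) that hold markup.
function auditLocalStorage(entries) {
  return Object.keys(entries)
    .filter((key) => key.startsWith('book_comment_') && TAG_LIKE.test(String(entries[key])));
}

// Constructed sample data, standing in for GET /api/book/comment/list?bookId=1001.
const sampleResponse = {
  data: [
    { id: 1, commentContent: 'Loved it, 5 < 6 stars would not be enough' },
    { id: 2, commentContent: '<script>alert(document.cookie)</script>' },
    { id: 3, commentContent: 'Nice <b>twist</b> at the end' },
  ],
};
// Constructed localStorage dump, as copied out of the browser's developer tools.
const sampleStorage = {
  book_comment_1001: '<script>alert(document.cookie)</script>',
  book_comment_1002: 'draft: will finish later',
  theme: '<dark>',
};

console.log('flagged comment ids:', auditComments(sampleResponse));
console.log('flagged storage keys:', auditLocalStorage(sampleStorage));
console.log('safe rendering of id 2:', escapeHtml(sampleResponse.data[1].commentContent));
```

In a Vue 3 template, rendering the comment with text interpolation instead of v-html has the same effect as escapeHtml, because the value is inserted as text rather than parsed as markup.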