CVE-2025-66469
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-11
Assigner: GitHub, Inc.
Description
Reflected cross-site scripting (XSS) in NiceGUI, a Python web UI framework. In versions 3.3.1 and earlier, ui.add_css, ui.add_scss and ui.add_sass write the content they are given into the page without encoding it for the JavaScript context the framework generates, so a value containing a closing tag such as </style> or </script> ends the intended element and the remainder is parsed as HTML and executed as script. Fixed in version 3.4.0.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zauberzeug | nicegui | 3.3.1 |
| zauberzeug | nicegui | 3.4.0 |
| zauberzeug | nicegui | to 3.4.0 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection has two sides: spotting attempts in traffic and confirming whether your own deployment is exposed. Exploiting ui.add_css, ui.add_scss or ui.add_sass in NiceGUI 3.3.1 and below requires a request parameter that the application feeds into one of those functions, so look for parameters carrying a closing tag such as '</style>' or '</script>' followed by HTML or JavaScript. A first pass over server logs is: grep -E '</style>|</script>' /path/to/access.log. Browsers and attack tools percent-encode the query string, so the raw log usually holds '%3C/style%3E' or '%3C%2Fstyle%3E' (possibly double-encoded) rather than the literal tag; match those forms too, or decode the request target before matching. To confirm exposure, request an affected page with a value modelled on the proof of concept, for example http://localhost:8082/?color=red;}</style><img src=x onerror=alert(document.domain)><style>, and check whether the alert fires. Automated web scanners that detect reflected XSS can be pointed at the endpoints that pass user input into these functions. The referenced resources provide no vendor-specific detection commands. [1]
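The grep above misses percent-encoded payloads. The scanner below, an added example that is not code from NiceGUI, from the advisory or from this page, decodes each query parameter (repeatedly, to catch double encoding) before looking for the break-out tags, and flags whether the decoded value also contains something that would execute. The access-log lines are constructed for illustration; line 2 is the advisory's proof of concept as a browser would send it.

```python
"""Find CSS/HTML break-out payloads of the kind used against NiceGUI's
ui.add_css / ui.add_scss / ui.add_sass (CVE-2025-66469) in access logs.

Added example, not NiceGUI's or the advisory's code. The log lines below are
constructed. A plain grep for '</style>' misses most real attempts because the
query string arrives percent-encoded, so decode before matching.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request line of the common/combined log format: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD|PUT|PATCH)\s+(\S+)\s+HTTP/')
# A closing tag that ends the element the CSS was written into
BREAKOUT = re.compile(r"</\s*(?:style|script)\s*>", re.IGNORECASE)
# Something that would execute once the attacker is back in HTML context
EXECUTES = re.compile(r"<\s*script\b|\son[a-z]+\s*=|javascript:", re.IGNORECASE)


def decode_fully(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so double-encoded payloads (%253C) are caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_line(line_no: int, line: str) -> list:
    """Return one finding per query parameter that carries a break-out tag."""
    m = REQUEST.search(line)
    if not m:
        return []
    findings = []
    # parse_qsl decodes one layer; decode_fully strips any further layers
    for name, raw in parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True):
        value = decode_fully(raw)
        if BREAKOUT.search(value):
            findings.append({
                "line": line_no,
                "param": name,
                "value": value,
                "executes": bool(EXECUTES.search(value)),
            })
    return findings


def scan_log(lines) -> list:
    """Scan an iterable of access-log lines; returns all findings in order."""
    out = []
    for n, line in enumerate(lines, start=1):
        out.extend(scan_line(n, line))
    return out


# Constructed sample log (not real traffic). Line 2 is the advisory's PoC as a
# browser sends it; line 3 is the same idea double-encoded under another name.
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Dec/2025:10:00:01 +0000] "GET /?color=red HTTP/1.1" 200 512',
    '10.0.0.9 - - [09/Dec/2025:10:00:02 +0000] "GET /?color=red;}%3C/style%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E%3Cstyle%3E HTTP/1.1" 200 512',
    '10.0.0.9 - - [09/Dec/2025:10:00:03 +0000] "GET /?theme=%253C%252Fstyle%253E%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 512',
    '10.0.0.7 - - [09/Dec/2025:10:00:04 +0000] "GET /static/app.css?v=3 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f['line']}: param {f['param']!r} executes={f['executes']}: {f['value']}")
```

Run it against a real log with `scan_log(open("/path/to/access.log"))`; a finding with executes=True is worth treating as an attempt rather than noise, and a finding on a parameter your code actually passes to add_css/add_scss/add_sass means the exposure is confirmed.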
Can you explain this vulnerability to me?
This is a reflected cross-site scripting (XSS) flaw in NiceGUI 3.3.1 and earlier. The functions ui.add_css, ui.add_scss and ui.add_sass write the content they are given into the JavaScript context they generate without sanitizing or encoding it, so a value containing a closing tag such as </style> or </script> terminates the intended element and everything after it is parsed as HTML, including script. The framework functions do not read request data themselves: an application becomes exploitable when it passes attacker-influenced input, such as a query parameter, into one of them (the proof of concept uses a ?color= parameter).
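The following is an added example, not NiceGUI's code, and does not reproduce the framework's internals: `render_style` is a stand-in for the vulnerable behaviour described above (content written into a <style> element verbatim), an assumption about the shape of the bug only. It runs the advisory's proof-of-concept value through the stand-in and uses Python's HTML tokenizer to show which elements escape the style block, then shows the two application-level defences that remain useful even after upgrading: an allow-list for values that should be a colour, and a CSS-level escape of '<' for free-form CSS that has to be accepted.

```python
"""Why a closing tag in CSS content becomes script execution, and two
application-level ways to stop it. Added example; render_style is an
assumption about the vulnerable pattern, not NiceGUI's implementation.
"""
import re
from html.parser import HTMLParser


def render_style(css: str) -> str:
    """Vulnerable pattern (stand-in): CSS written into the page verbatim."""
    return f"<style>{css}</style>"


class ElementCollector(HTMLParser):
    """Record the elements the HTML tokenizer sees outside <style>."""

    def __init__(self) -> None:
        super().__init__()
        self.outside = []  # (tag, sorted attribute names)

    def handle_starttag(self, tag, attrs):
        if tag != "style":
            self.outside.append((tag, sorted(name for name, _ in attrs)))


def elements_outside_style(page: str) -> list:
    """Elements that escaped the <style> element; anything here is an injection."""
    p = ElementCollector()
    p.feed(page)
    p.close()
    return p.outside


# Hardening 1 (preferred when the input is a colour): allow-list the value.
CSS_COLOR = re.compile(r"#[0-9A-Fa-f]{3,8}|[A-Za-z]{1,32}")


def safe_color(value: str) -> str:
    if not CSS_COLOR.fullmatch(value):
        raise ValueError(f"rejected CSS colour: {value!r}")
    return value


# Hardening 2 (when free-form CSS must be accepted): the HTML tokenizer leaves
# a <style> element only at a literal "</style", so replacing '<' with its CSS
# escape (\3c plus a space) keeps the CSS parser happy while the tokenizer can
# no longer find a closing tag. This covers the raw-text <style> case only;
# content written into a JavaScript string would also need '\' and quotes
# escaped.
def css_escape_lt(css: str) -> str:
    return css.replace("<", "\\3c ")


def banner_css(color: str) -> str:
    return f".banner {{ color: {color}; }}"


# The advisory's proof-of-concept value for the `color` query parameter.
POC = "red;}</style><img src=x onerror=alert(document.domain)><style>"


def vulnerable_page(color: str) -> str:
    return render_style(banner_css(color))


def hardened_page(color: str) -> str:
    return render_style(banner_css(css_escape_lt(color)))


if __name__ == "__main__":
    print(elements_outside_style(vulnerable_page(POC)))  # [('img', ['onerror', 'src'])]
    print(elements_outside_style(hardened_page(POC)))    # []
    print(safe_color("#ff0000"))
    try:
        safe_color(POC)
    except ValueError as e:
        print(e)
```

The allow-list is the right tool for the case in the proof of concept: a colour never legitimately contains '<', '}', or a tag, so rejecting the request is both safer and simpler than escaping. The escape is there for the rarer case where a stylesheet fragment genuinely has to come from the user.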
How can this vulnerability impact me?
An attacker who gets a victim to open a crafted link can run arbitrary JavaScript in the origin of the affected application. That allows them to read data the page can reach, steal or reuse the user's session where cookie settings permit it, perform actions on the user's behalf, alter what the user sees, or deliver further payloads, compromising user data and the integrity of the application.
What immediate steps should I take to mitigate this vulnerability?
Upgrade NiceGUI to version 3.4.0 or later, which contains the fix for the reflected XSS in ui.add_css, ui.add_scss and ui.add_sass. Until the upgrade is deployed, stop passing user-controlled strings into these functions, or validate such strings against a strict allow-list (for example, a colour name or hex value) before use.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.