CVE-2025-66469
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-11

Assigner: GitHub, Inc.

Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to Reflected XSS through its ui.add_css, ui.add_scss, and ui.add_sass functions. The functions lack proper sanitization or encoding for the JavaScript context they generate. An attacker can break out of the intended <style> or <script> tags by injecting closing tags (e.g., </style> or </script>), allowing for the execution of arbitrary JavaScript. This issue is fixed in version 3.4.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-11
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-66469
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
zauberzeug nicegui 3.3.1
zauberzeug nicegui 3.4.0
zauberzeug nicegui to 3.4.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Reflected Cross-Site Scripting (XSS) issue in NiceGUI versions 3.3.1 and below. It occurs because the functions ui.add_css, ui.add_scss, and ui.add_sass do not properly sanitize or encode input within the JavaScript context they generate. An attacker can inject closing tags like </style> or </script> to break out of the intended tags and execute arbitrary JavaScript code.

Impact Analysis

This vulnerability can allow an attacker to execute arbitrary JavaScript in the context of the affected application. This can lead to unauthorized actions such as stealing user session data, performing actions on behalf of users, or delivering malicious payloads, potentially compromising user data and application integrity.

Mitigation Strategies

Upgrade NiceGUI to version 3.4.0 or later, as this version contains the fix for the Reflected XSS vulnerability in the ui.add_css, ui.add_scss, and ui.add_sass functions.

Detection Guidance

This vulnerability can be detected by monitoring for reflected XSS attempts involving the ui.add_css, ui.add_scss, and ui.add_sass functions in NiceGUI versions 3.3.1 and below. One practical approach is to look for HTTP requests containing suspicious payloads that include closing tags like '</style>' or '</script>' injected into parameters that influence CSS or style content. For example, detecting URLs or parameters with patterns such as '</style>' or '</script>' followed by JavaScript code can indicate exploitation attempts. A simple command using grep on server logs might be: grep -E '</style>|</script>' /path/to/access.log. Additionally, testing your application by crafting URLs similar to the proof-of-concept payload, such as: http://localhost:8082/?color=red;}</style><img src=x onerror=alert(document.domain)><style> can help verify if the vulnerability exists. Automated web vulnerability scanners that detect reflected XSS can also be used against the affected endpoints. However, no specific detection commands are provided in the resources. [1]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66469. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart