CVE-2025-66580
Stored XSS in Dive Mermaid Component Enables Remote Code Execution

Publication date: 2025-12-19

Last updated on: 2025-12-19

Assigner: GitHub, Inc.

Description
Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. A critical Stored Cross-Site Scripting (XSS) vulnerability exists in versions prior to 0.11.1 in the Mermaid diagram rendering component. The application allows the execution of arbitrary JavaScript via `javascript:`. An attacker can exploit this to inject a malicious Model Context Protocol (MCP) server configuration, leading to Remote Code Execution (RCE) on the victim's machine when the node is clicked. Version 0.11.1 fixes the issue.
Meta Information
Published: 2025-12-19
Last Modified: 2025-12-19
Generated: 2026-05-07
AI Q&A: 2025-12-20
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: openagentplatform
Product: dive
Version / Range: 0.11.0
CWE ID: CWE-94
Description: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.


Can you explain this vulnerability to me?

CVE-2025-66580 is a critical Stored Cross-Site Scripting (XSS) vulnerability in the Dive application, specifically in the Mermaid diagram rendering component. The vulnerability arises because the Mermaid library is configured insecurely with `securityLevel: 'loose'`, allowing `javascript:` URIs in diagram nodes. An attacker can craft a malicious Mermaid graph that injects JavaScript code. When a user clicks on a malicious node, this JavaScript executes and sends a POST request to the backend API to overwrite the Model Context Protocol (MCP) server configuration with a malicious command. This leads to Remote Code Execution (RCE) on the victim's machine. The issue affects versions prior to 0.11.1, which fixes the vulnerability. [1]


How can this vulnerability impact me?

This vulnerability can have severe impacts including Remote Code Execution (RCE) on the victim's machine, allowing an attacker to execute arbitrary commands such as launching applications or modifying system configurations. It can lead to complete compromise of confidentiality, integrity, and availability of the affected system, enabling data theft, unauthorized data modification, and service disruption. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if your system is running Dive versions prior to 0.11.1 and checking for the presence of malicious Mermaid diagrams that include `javascript:` URIs in their `click` event handlers. You can monitor network traffic for POST requests to the backend endpoint `/api/config/mcpserver` that attempt to overwrite MCP server configurations with suspicious payloads. For detection, you might use network monitoring tools or commands such as `tcpdump` or `Wireshark` to filter for POST requests to `/api/config/mcpserver`. Additionally, scanning your Dive application files for Mermaid diagrams with `securityLevel: 'loose'` or `click` events containing `javascript:` URIs can help identify vulnerable configurations. [1]
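
The file-scanning check described above, as an added example (not code from Dive, Mermaid, or this page): it flags Mermaid `click` directives whose link target resolves to a `javascript:` scheme and detects a `securityLevel: 'loose'` setting. The function names and sample inputs are constructed for illustration, and only the double-quoted link form of `click` is assumed.

```javascript
// Added example: defensive scan of Mermaid source and Mermaid config text.

// Browsers drop leading control characters/spaces and any tab, CR or LF
// inside a URL before reading its scheme, so normalise the same way first.
function isScriptUri(target) {
  const cleaned = target
    .replace(/^[\u0000-\u0020]+/, '')
    .replace(/[\t\r\n]/g, '')
    .toLowerCase();
  return cleaned.startsWith('javascript:');
}

// Assumed directive shape: click <nodeId> [href] "<target>" ...
const CLICK_LINK = /^\s*click\s+(\S+)\s+(?:href\s+)?"([^"]*)"/i;

// Returns one finding per click directive whose target is a javascript: URI.
function findRiskyClicks(mermaidSource) {
  const findings = [];
  mermaidSource.split(/\r?\n/).forEach((line, idx) => {
    const m = CLICK_LINK.exec(line);
    if (m && isScriptUri(m[2])) {
      findings.push({ line: idx + 1, node: m[1], target: m[2] });
    }
  });
  return findings;
}

// True when initialisation code or a config file sets securityLevel to 'loose'.
function usesLooseSecurityLevel(configSource) {
  return /securityLevel\s*['"]?\s*:\s*['"]loose['"]/.test(configSource);
}

// Constructed sample inputs (not taken from Dive or from a real incident).
const SAMPLE_DIAGRAM = [
  'graph TD',
  '  A[Start] --> B[Docs]',
  '  click A "JavaScript:void(0)" "open"',      // mixed-case scheme
  '  click B href "https://example.com/docs"',  // ordinary link, not flagged
  '  click C "java\tscript:void(0)"',           // tab inside the scheme
].join('\n');
const SAMPLE_CONFIG =
  "mermaid.initialize({ startOnLoad: false, securityLevel: 'loose' });";

console.log(findRiskyClicks(SAMPLE_DIAGRAM));
console.log(usesLooseSecurityLevel(SAMPLE_CONFIG));
```
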


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the Dive application to version 0.11.1 or later, where this vulnerability is fixed. Avoid using Mermaid diagrams with `securityLevel: 'loose'` and disable or sanitize any `javascript:` URIs in Mermaid graph `click` events. Additionally, restrict or monitor POST requests to `/api/config/mcpserver` to prevent unauthorized configuration changes. Applying these steps will prevent exploitation of the Stored XSS and subsequent Remote Code Execution. [1]

