CVE-2025-67231
BaseFortify
Publication date: 2026-01-23
Last updated on: 2026-01-29
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| todesktop | builder | all versions up to 0.33.1 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-67231 is a reflected cross-site scripting (XSS) vulnerability in ToDesktop Builder versions prior to 0.33.1. It occurs because user input in a custom URL protocol handler is not properly sanitized when rendering the offline screen, allowing attackers to inject and execute arbitrary JavaScript code in the context of the user's browser. This can happen when a user clicks a crafted malicious link, enabling the attacker to perform unauthorized actions via the ToDesktop API. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me?
This vulnerability can impact you by allowing attackers to execute arbitrary code in your browser when you interact with a maliciously crafted link. This can lead to unauthorized actions such as opening malicious pages within your browser context, potentially compromising the integrity of your application or data. Although the confidentiality impact is low, the integrity impact is high, meaning attackers could manipulate application behavior or data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves identifying attempts to exploit the reflected XSS vulnerability via crafted protocol URLs targeting the ToDesktop Builder application's offline page. Monitoring network traffic or logs for suspicious ToDesktop protocol handler URLs containing script payloads can help. Since exploitation requires user interaction with malicious links, inspecting browser or application logs for such clicks is useful. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating ToDesktop Builder to version 0.33.1 or later, rebuilding the application, and releasing a new version of the app. Users with automatic security updates enabled have been updated automatically; those who disabled updates should be contacted directly to apply the patch. [1]