CVE-2025-65465
Status: Received - Intake
Reflected XSS in Skrol29 TbsZip 2.17 Allows Script Execution

Publication date: 2026-03-02

Last updated on: 2026-03-02

Assigner: MITRE

Description
A reflected Cross-Site Scripting (XSS) vulnerability in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier allows remote attackers to execute arbitrary web script or HTML via a crafted payload in a filename parameter (e.g., to the FileRead function). This occurs because the error message is not properly sanitized before being output to the user. This vulnerability is fixed in version 2.18.
Meta Information
Published: 2026-03-02
Last Modified: 2026-03-02
Generated: 2026-06-16
AI Q&A: 2026-03-02
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
2 associated CPEs:
Vendor   Product   Version / Range
skrol29  tbszip    up to 2.18 (excluding 2.18)
skrol29  tbszip    2.18
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Quick Actions
Executive Summary

CVE-2025-65465 is a reflected Cross-Site Scripting (XSS) vulnerability found in the RaiseError function of Skrol29 TbsZip version 2.17 and earlier. This vulnerability occurs because the error message generated by the RaiseError function does not properly sanitize user input, specifically the filename parameter used in functions like FileRead.

When a remote attacker crafts a malicious payload containing script code within the filename parameter and triggers an error (such as requesting a non-existent file), the unsanitized input is reflected back in the error message. This allows the attacker to execute arbitrary web scripts or HTML in the context of the user's browser.

This vulnerability was fixed in version 2.18 of TbsZip by properly sanitizing error messages to prevent script injection. [2, 3]

Impact Analysis

This reflected XSS vulnerability can allow remote attackers to execute arbitrary scripts in the context of a user's browser when they interact with the vulnerable application. This can lead to several impacts including:

- Theft of sensitive information such as cookies, session tokens, or other credentials.
- Performing actions on behalf of the user without their consent (session hijacking).
- Defacement or manipulation of the web interface.
- Potential delivery of malware or phishing attacks through injected scripts.

Overall, this vulnerability can compromise the security and trustworthiness of the affected web application and its users. [2]

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by testing for reflected Cross-Site Scripting (XSS) in the RaiseError function of Skrol29 TbsZip versions 2.17 and earlier. A practical method is to send a crafted HTTP GET request with a script payload in the filename parameter and observe if the payload is reflected unsanitized in the error message.

For example, you can use a command like the following to test for the vulnerability:

curl -i "http://[your-server]/xss.php?zip=test.zip&file=<script>alert('XSS');</script>"

If the response contains the injected script code without proper sanitization, the system is vulnerable to CVE-2025-65465. [2]

Mitigation Strategies

The immediate mitigation step is to upgrade Skrol29 TbsZip to version 2.18 or later, where the vulnerability has been fixed by properly sanitizing error messages in the RaiseError function.

Until the upgrade can be applied, avoid using untrusted input in the filename parameter or ensure that input is properly sanitized before being processed by the vulnerable functions.
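The following PHP snippet is an added illustration of the pattern the description and the mitigation text name: an error helper that echoes a caller-supplied filename into an HTML response. It is not TbsZip's own code; the function names (raise_error_unsafe, raise_error_safe, html_escape, is_acceptable_member_name), the message text and the allowlist pattern are assumptions made for this example. It shows the vulnerable form beside the hardened form (output encoding for the HTML context) and a defence-in-depth input allowlist, using the same test payload the Detection Guidance above already lists.

```php
<?php
// Added illustration (not TbsZip's code): an error helper that echoes the
// offending filename into an HTML response, in its vulnerable form and in a
// hardened form. All names and messages here are hypothetical.

declare(strict_types=1);

/**
 * Vulnerable pattern: the user-controlled filename is concatenated straight
 * into HTML, so any markup in the filename is reflected and rendered.
 */
function raise_error_unsafe(string $msg, string $filename): string
{
    return "<p>Archive error: $msg (file: $filename)</p>";
}

/**
 * Encode an untrusted value for insertion into HTML text or attribute content.
 * ENT_QUOTES also encodes single quotes; ENT_SUBSTITUTE replaces invalid UTF-8
 * instead of returning an empty string (which would silently drop the message).
 */
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Hardened pattern: every untrusted fragment is encoded before it reaches the
 * HTML output, so the filename is displayed literally rather than parsed.
 */
function raise_error_safe(string $msg, string $filename): string
{
    return '<p>Archive error: ' . html_escape($msg)
         . ' (file: ' . html_escape($filename) . ')</p>';
}

/**
 * Defence in depth, independent of output encoding: accept only archive member
 * names that match a conservative allowlist, so hostile input is rejected
 * before it reaches any error path. The pattern is an assumption for this
 * example; tighten it to what the application actually needs.
 */
function is_acceptable_member_name(string $filename): bool
{
    return (bool) preg_match('~\A[A-Za-z0-9_./-]{1,255}\z~', $filename)
        && !str_contains($filename, '..');
}

// Constructed sample input: the payload from the Detection Guidance section.
$hostile = "<script>alert('XSS');</script>";

echo raise_error_unsafe('file not found', $hostile), PHP_EOL;
// The <script> element is emitted verbatim and a browser would execute it.

echo raise_error_safe('file not found', $hostile), PHP_EOL;
// Emits: <p>Archive error: file not found (file: &lt;script&gt;alert(&#039;XSS&#039;);&lt;/script&gt;)</p>

var_dump(is_acceptable_member_name($hostile));          // bool(false)
var_dump(is_acceptable_member_name('docs/readme.txt')); // bool(true)
```

Run it with `php example.php` (PHP 8.0 or later, for str_contains). The important design choice is that encoding happens at the output site and for the specific context (HTML body here); if an error message is ever written into a JavaScript string or a URL instead, that context needs its own encoder, and the allowlist check is an additional control, not a replacement for output encoding.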
