PT-2025-7077 · Vega+2
Fallingpineapples · Published 2025-02-14 · Updated 2025-02-17
CVE-2025-25304
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Name of the Vulnerable Software and Affected Versions:
vega versions prior to 5.26.0
vega-selections versions prior to 5.4.2
Description:
The vlSelectionTuples function can be used to call JavaScript functions, leading to cross-site scripting. It calls several functions that an attacker can control, including one call whose argument is also attacker-controlled. That call can be turned into Function() with arbitrary JavaScript source, and the resulting function can then be executed either by calling it through vlSelectionTuples again or through a type coercion that invokes it as toString or valueOf.
Recommendations:
For vega versions prior to 5.26.0, update to version 5.26.0 or later to fix the issue.
For vega-selections versions prior to 5.4.2, update to version 5.4.2 or later to fix the issue.
As a temporary workaround where the update cannot be applied immediately, consider disabling the vlSelectionTuples function until the fixed version is deployed.
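The description names the bug class but not the code path. What follows is an added illustrative model written for this page: it is not vega's or vega-selections' code and does not reproduce the real vlSelectionTuples internals. It shows a tuple builder that calls functions taken from an untrusted descriptor with untrusted arguments, the two ways the function compiled from attacker text then gets executed (a repeat call and a toString coercion), and a hardened builder beside it. The names tuplesVulnerable, tuplesHardened, fieldAccessor and the desc.getter field are hypothetical, and the payload is a constructed counter increment rather than an XSS payload.

```javascript
// Added illustration of the bug class named in the advisory, not vega's or
// vega-selections' code. All names (tuplesVulnerable, tuplesHardened,
// fieldAccessor, desc.getter) are hypothetical.

// Safe accessor: resolves a dotted field path by plain property lookup.
// No Function(), no eval.
function fieldAccessor(name) {
  const path = name.split('.');
  return row => path.reduce((o, k) => (o == null ? undefined : o[k]), row);
}

// VULNERABLE MODEL. A missing getter is compiled from the field name, but a
// getter already present in the (untrusted) descriptor is trusted and called
// with the row. If desc.getter[i] === Function and the row is a string, the
// call below is Function(attackerString): a function compiled from attacker
// text that lands in the output. Attacker-controlled callee, attacker-
// controlled argument.
function tuplesVulnerable(rows, desc) {
  const getter = desc.getter || (desc.getter = []);
  return rows.map(row => ({
    values: desc.fields.map((f, i) => (getter[i] || (getter[i] = fieldAccessor(f)))(row)),
  }));
}

// HARDENED MODEL. Field names are validated against a strict grammar, getters
// are built only here from those names, and nothing function-valued is
// accepted from the descriptor.
const FIELD_NAME = /^[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*$/;
function tuplesHardened(rows, desc) {
  if (!Array.isArray(desc.fields)) throw new TypeError('fields must be an array');
  const getters = desc.fields.map(f => {
    if (typeof f !== 'string' || !FIELD_NAME.test(f)) {
      throw new TypeError(`invalid field name: ${String(f)}`);
    }
    return fieldAccessor(f);
  });
  return rows.map(row => ({ values: getters.map(g => g(row)) }));
}

// Walks the attack against the vulnerable model, then the same inputs against
// the hardened one. The payload is a constructed, harmless side effect.
function demo() {
  globalThis.__ran = 0;
  const payloadSrc = 'globalThis.__ran += 1; return 1';

  // Stage 1: Function (callee) + payload string (argument) -> compiled
  // function in the output. Nothing has executed yet.
  const desc = { fields: ['x'], getter: [Function] };
  const [t] = tuplesVulnerable([payloadSrc], desc);
  const compiled = t.values[0];
  const compiledOnly = typeof compiled === 'function' && globalThis.__ran === 0;

  // Trigger A: hand the compiled function back as a getter; the builder
  // calls it on the next row.
  tuplesVulnerable([{}], { fields: ['x'], getter: [compiled] });
  const ranViaRecall = globalThis.__ran === 1;

  // Trigger B: type coercion. Wherever later code stringifies a value the
  // attacker shaped, the toString lookup runs the compiled function.
  const coerced = String({ toString: compiled });
  const ranViaCoercion = coerced === '1' && globalThis.__ran === 2;

  // Hardened model: descriptor-supplied getters are ignored and JavaScript
  // source is rejected as a field name before anything is called.
  const safe = tuplesHardened([{ a: { b: 2 } }], { fields: ['a.b'], getter: [Function] });
  let rejected = false;
  try {
    tuplesHardened([payloadSrc], { fields: [payloadSrc] });
  } catch (e) {
    rejected = e instanceof TypeError;
  }

  return {
    compiledOnly,
    ranViaRecall,
    ranViaCoercion,
    hardenedValue: safe[0].values[0],
    rejected,
    ran: globalThis.__ran,
  };
}
```

The point the hardened version makes is structural rather than cosmetic: the fix is not to filter the string passed to the getter, but to remove the attacker's ability to choose the callee at all and to build accessors only from names that cannot be JavaScript source.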
Tags: Exploit · Fix · XSS
Affected Products
Debian
Vega
Vega-Selections