CVE-2025-30342

An XSS issue was discovered in OpenSlides before 4.2.5. When submitting descriptions such as Moderator Notes or Agenda Topics, an editor is shown that allows one to format the submitted text. This allows insertion of various HTML elements. When trying to insert a SCRIPT element, it is properly encoded when reflected; however, adding attributes to links is possible, which allows the injection of JavaScript via the onmouseover attribute and others. When a user moves the mouse over such a prepared link, JavaScript is executed in that user's session.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.x41-dsec.de/lab/advisories/x41-2025-001-OpenSlides	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openslides:openslides:*:*:*:*:*:*:*:*

History

27 Mar 2025, 13:35

Type	Values Removed	Values Added
Summary		(es) Se detectó un problema de XSS en OpenSlides antes de la versión 4.2.5. Al enviar descripciones como Notas del moderador o Temas de la agenda, se muestra un editor que permite formatear el texto enviado. Esto permite insertar varios elementos HTML. Al insertar un elemento SCRIPT, este se codifica correctamente al reflejarse; sin embargo, es posible añadir atributos a los enlaces, lo que permite la inyección de JavaScript mediante el atributo onmouseover y otros. Cuando un usuario pasa el ratón sobre un enlace preparado, se ejecuta JavaScript en su sesión.
CPE		cpe:2.3:a:openslides:openslides::::::::
References	~~() https://www.x41-dsec.de/lab/advisories/x41-2025-001-OpenSlides -~~	() https://www.x41-dsec.de/lab/advisories/x41-2025-001-OpenSlides - Exploit, Third Party Advisory
First Time		Openslides Openslides openslides

21 Mar 2025, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-21 06:15

Updated : 2025-03-27 13:35

NVD link : CVE-2025-30342

Mitre link : CVE-2025-30342

CVE.ORG link : CVE-2025-30342

JSON object : View

Products Affected

openslides

openslides

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2025-30342", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2025-03-21T06:15:26.510", "references": [{"url": "https://www.x41-dsec.de/lab/advisories/x41-2025-001-OpenSlides", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An XSS issue was discovered in OpenSlides before 4.2.5. When submitting descriptions such as Moderator Notes or Agenda Topics, an editor is shown that allows one to format the submitted text. This allows insertion of various HTML elements. When trying to insert a SCRIPT element, it is properly encoded when reflected; however, adding attributes to links is possible, which allows the injection of JavaScript via the onmouseover attribute and others. When a user moves the mouse over such a prepared link, JavaScript is executed in that user's session."}, {"lang": "es", "value": "Se detect\u00f3 un problema de XSS en OpenSlides antes de la versi\u00f3n 4.2.5. Al enviar descripciones como Notas del moderador o Temas de la agenda, se muestra un editor que permite formatear el texto enviado. Esto permite insertar varios elementos HTML. Al insertar un elemento SCRIPT, este se codifica correctamente al reflejarse; sin embargo, es posible a\u00f1adir atributos a los enlaces, lo que permite la inyecci\u00f3n de JavaScript mediante el atributo onmouseover y otros. Cuando un usuario pasa el rat\u00f3n sobre un enlace preparado, se ejecuta JavaScript en su sesi\u00f3n."}], "lastModified": "2025-03-27T13:35:33.940", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openslides:openslides:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9F2C3CC-918A-4329-A59D-DEFECC0489A1", "versionEndExcluding": "4.2.5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}