CVE-2025-3246

{"id": "CVE-2025-3246", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.3}], "cvssMetricV40": [{"type": "Secondary", "source": "product-cna@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-04-17T23:15:42.123", "references": [{"url": "https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.2", "tags": ["Release Notes"], "source": "product-cna@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "product-cna@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used `$$..$$` math blocks. Exploitation required access to the target GitHub Enterprise Server instance and privileged user interaction with the malicious elements. This vulnerability affected version 3.16.1 of GitHub Enterprise Server and was fixed in version 3.16.2. This vulnerability was reported via the GitHub Bug Bounty program."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad de neutralizaci\u00f3n de entrada incorrecta en GitHub Enterprise Server que permit\u00eda cross-site scripting en GitHub Markdown que utilizaban bloques matem\u00e1ticos `$$..$$`. Su explotaci\u00f3n requer\u00eda acceso a la instancia de GitHub Enterprise Server objetivo e interacci\u00f3n de usuario privilegiado con los elementos maliciosos. Esta vulnerabilidad afect\u00f3 a la versi\u00f3n 3.16.1 de GitHub Enterprise Server y se corrigi\u00f3 en la versi\u00f3n 3.16.2. Esta vulnerabilidad se report\u00f3 a trav\u00e9s del programa de recompensas por errores de GitHub."}], "lastModified": "2025-09-05T15:00:02.387", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:github:enterprise_server:3.16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C916F330-E6B5-478B-9525-F8AC38472743"}], "operator": "OR"}]}], "sourceIdentifier": "product-cna@github.com"}