CVE-2025-14830
📋 TL;DR
This CVE describes a cross-site scripting (XSS) vulnerability in JFrog Artifactory Workers that allows attackers to inject malicious scripts into web pages. The vulnerability affects Artifactory Workers versions 7.94.0 through 7.117.9. Users of affected versions who access the web interface are potentially at risk.
💻 Affected Systems
- JFrog Artifactory Workers
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or compromise user accounts through injected scripts.
Likely Case
Attackers could steal session tokens or credentials from authenticated users, potentially gaining unauthorized access to the Artifactory instance.
If Mitigated
With proper input validation and output encoding, the risk is significantly reduced, though the vulnerability still exists in the codebase.
🎯 Exploit Status
XSS vulnerabilities typically require user interaction (clicking a malicious link) but are relatively easy to exploit once the attack vector is identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.117.10 and later
Vendor Advisory: https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Restart Required: Yes
Instructions:
1. Back up your Artifactory configuration and data.
2. Download Artifactory version 7.117.10 or later from the JFrog website.
3. Follow the official JFrog upgrade documentation for your deployment type (Docker, RPM, etc.).
4. Restart the Artifactory service.
🔧 Temporary Workarounds
Input Validation Filter
Implement a web application firewall or input validation filter to sanitize user input before processing.
Content Security Policy
Implement strict Content Security Policy headers to limit script execution sources.
Add 'Content-Security-Policy' header with appropriate directives
🧯 If You Can't Patch
- Implement network segmentation to restrict access to Artifactory Workers interface
- Enable strict input validation and output encoding in application configuration
🔍 How to Verify
Check if Vulnerable:
Check the Artifactory version via the web interface or the REST API. If the version is between 7.94.0 and 7.117.9 inclusive, the system is vulnerable.
Check Version:
curl -u admin:password http://artifactory-host/artifactory/api/system/version
Verify Fix Applied:
Verify that the Artifactory version is 7.117.10 or later. Test XSS payloads in user input fields to confirm they are properly sanitized.
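An added check script (not part of this advisory or of JFrog's tooling) that queries the same version endpoint as the curl command above and compares the reported version against the affected range 7.94.0 through 7.117.9. The sample JSON response is constructed, and the `version` key in the response and Basic-auth access are assumptions.

```python
import json
import urllib.request
from base64 import b64encode

# Version bounds as stated in the advisory (inclusive range).
AFFECTED_MIN = (7, 94, 0)
AFFECTED_MAX = (7, 117, 9)
FIXED = (7, 117, 10)

def parse_version(text):
    """Turn '7.117.9' (or '7.117.9-m001', with a build suffix) into a comparable tuple."""
    core = text.strip().split("-", 1)[0]  # drop any build/milestone suffix
    nums = []
    for part in core.split("."):
        if not part.isdigit():
            raise ValueError(f"unrecognised version string: {text!r}")
        nums.append(int(part))
    while len(nums) < 3:            # pad '7.117' to '7.117.0'
        nums.append(0)
    return tuple(nums[:3])

def classify(version_text):
    """Return 'vulnerable', 'fixed' or 'out-of-range' for one version string."""
    v = parse_version(version_text)
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "vulnerable"
    if v >= FIXED:
        return "fixed"
    return "out-of-range"  # older than the affected range; not covered by this advisory

def classify_response(body):
    """Classify the JSON body returned by /artifactory/api/system/version (assumes a 'version' key)."""
    return classify(json.loads(body)["version"])

def fetch_and_classify(base_url, user, password, timeout=10):
    """Live check against an instance, using the same endpoint and Basic auth as the curl command."""
    req = urllib.request.Request(f"{base_url.rstrip('/')}/artifactory/api/system/version")
    token = b64encode(f"{user}:{password}".encode()).decode()
    req.add_header("Authorization", f"Basic {token}")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return classify_response(resp.read().decode())

# Constructed sample in the shape of the endpoint's JSON; not captured from a real instance.
SAMPLE_RESPONSE = '{"version":"7.117.9","revision":"placeholder","license":"placeholder"}'

if __name__ == "__main__":
    print(classify_response(SAMPLE_RESPONSE))  # vulnerable
```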
📡 Detection & Monitoring
Log Indicators:
- Unusual JavaScript or HTML in user input fields
- Multiple failed XSS attempts in access logs
Network Indicators:
- Suspicious script tags in HTTP requests to Artifactory endpoints
- Unexpected redirects from Artifactory URLs
SIEM Query:
source="artifactory" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")