CVE-2025-15170

4.3 MEDIUM

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts, via the 'Message' parameter of the error page, into Advaya Softech GEMS ERP Portal error messages; the scripts are then executed in users' browsers (cross-site scripting, XSS). It affects all versions of the GEMS ERP Portal up to and including 2.1. The attack can be performed remotely without authentication.

💻 Affected Systems

Products:
  • Advaya Softech GEMS ERP Portal
Versions: All versions up to and including 2.1
Operating Systems: Any OS running the GEMS ERP Portal
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /home.jsp?isError=true endpoint specifically. The vulnerability exists in the error message handler component.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, redirect users to malicious sites, perform actions on behalf of authenticated users, or deploy malware through the ERP portal.

🟠 Likely Case

Session hijacking, credential theft, or defacement of the portal interface through malicious script execution.

🟢 If Mitigated

Limited to UI manipulation, provided proper input validation and output encoding are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept video available. Attack requires no authentication and minimal technical skill to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available and the vendor has not responded to disclosure. Upgrade as soon as the vendor releases a patched version.

🔧 Temporary Workarounds

Input Validation Filter (all)

Implement server-side input validation to sanitize the 'Message' parameter.

Implement input validation in /home.jsp to strip or encode script tags.

WAF Rule (all)

Deploy web application firewall rules to block XSS payloads in the Message parameter.

Configure WAF to detect and block script tags, javascript:, and other XSS patterns in URL parameters.

🧯 If You Can't Patch

  • Block access to /home.jsp?isError=true endpoint at network perimeter
  • Implement Content Security Policy headers to restrict script execution
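The workarounds above come down to two controls: encode the reflected 'Message' value for the HTML context it lands in, and ship a Content Security Policy so that any script that does slip through is not executed. The following is an added example, not the vendor's JSP code and not derived from it; it models the error-page handler in Python to show the vulnerable pattern beside the hardened one. The template string, the parameter names and the CSP values are assumptions for illustration.

```python
import html
from urllib.parse import parse_qs

# Assumed shape of the error page: the Message value lands in an HTML body context.
ERROR_TEMPLATE = '<html><body><div class="error">{message}</div></body></html>'

# Assumed policy: no inline script, no plugins, no base-tag hijack. If the portal
# relies on inline scripts, use nonces rather than loosening script-src to 'unsafe-inline'.
CSP_POLICY = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'"


def get_message(query_string: str, max_len: int = 256) -> str:
    """Extract the Message parameter (URL-decoded) and bound its length."""
    params = parse_qs(query_string, keep_blank_values=True)
    return params.get("Message", [""])[0][:max_len]


def render_error_vulnerable(query_string: str) -> str:
    """Reflects the raw parameter into the page: the bug class this advisory describes."""
    return ERROR_TEMPLATE.format(message=get_message(query_string))


def render_error_hardened(query_string: str) -> str:
    """Output-encodes the parameter for an HTML body context.

    html.escape(quote=True) turns < > & " ' into entities, so the browser parses the
    value as text. Encoding is preferred over stripping '<script>' because stripping
    has to enumerate every dangerous pattern, while encoding neutralises all of them.
    """
    return ERROR_TEMPLATE.format(message=html.escape(get_message(query_string), quote=True))


def error_response_headers() -> dict:
    """Headers the error page should carry alongside the encoded body."""
    return {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": CSP_POLICY,
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    # Constructed query string using the probe value given in 'How to Verify'.
    qs = "isError=true&Message=%3Cscript%3Ealert('XSS')%3C/script%3E"
    print("vulnerable:", render_error_vulnerable(qs))
    print("hardened:  ", render_error_hardened(qs))
    print("headers:   ", error_response_headers())
```

The hardened renderer is only correct for the body context shown; a value written into an attribute, a URL or a script block needs the encoder for that context, which is why a fix inside /home.jsp should use a context-aware encoding library rather than a single replace.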

🔍 How to Verify

Check if Vulnerable:

Test by injecting <script>alert('XSS')</script> into the Message parameter of /home.jsp?isError=true

Check Version:

Check GEMS ERP Portal version in application interface or configuration files

Verify Fix Applied:

Verify that script injection attempts are properly sanitized and do not execute in browser

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests to /home.jsp?isError=true with script tags or javascript: in parameters
  • Multiple error page requests with similar patterns

Network Indicators:

  • HTTP requests containing <script>, javascript:, or other XSS patterns in URL parameters

SIEM Query:

source="web_logs" AND uri_path="/home.jsp" AND query_string="*isError=true*" AND (query_string="*<script>*" OR query_string="*javascript:*")
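The SIEM query above matches the literal strings `<script>` and `javascript:` in the query string, but browsers and most tools percent-encode `<` and `:` before sending them, so a real access log usually holds `%3Cscript%3E` and the literal match misses it. The following is an added example, not part of the advisory, that applies the log indicators listed above to URL-decoded query strings and tallies repeat requests per source address. The Combined Log Format layout and the sample log lines are constructed for the example; adjust the regex to the portal's actual access-log format.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Assumed Combined Log Format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# The two indicators named in the advisory, compared case-insensitively after decoding.
XSS_MARKERS = ("<script", "javascript:")


def is_suspicious_request(target: str) -> bool:
    """True for /home.jsp?isError=true requests whose decoded query carries an XSS marker."""
    parts = urlsplit(target)
    if parts.path != "/home.jsp":
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    if params.get("isError", [""])[0].lower() != "true":
        return False
    decoded = unquote_plus(parts.query).lower()
    return any(marker in decoded for marker in XSS_MARKERS)


def scan_log(lines):
    """Return (ip, target, status) for every log line that matches the indicators."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line: skip rather than crash the scan
        if is_suspicious_request(m.group("target")):
            hits.append((m.group("ip"), m.group("target"), m.group("status")))
    return hits


def repeat_offenders(hits, threshold: int = 2) -> dict:
    """Source addresses with at least `threshold` flagged error-page requests."""
    counts = Counter(ip for ip, _, _ in hits)
    return {ip: n for ip, n in counts.items() if n >= threshold}


# Constructed sample: one benign error page, two encoded probes from one address,
# one javascript: probe from another, and a probe against an unrelated path.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jan/2025:10:00:01 +0000] "GET /home.jsp?isError=true&Message=Invalid+login HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2025:10:00:09 +0000] "GET /home.jsp?isError=true&Message=%3Cscript%3Ealert(%27XSS%27)%3C%2Fscript%3E HTTP/1.1" 200 640',
    '203.0.113.9 - - [10/Jan/2025:10:01:30 +0000] "GET /home.jsp?isError=true&Message=javascript%3Aalert(1) HTTP/1.1" 200 598',
    '203.0.113.9 - - [10/Jan/2025:10:01:31 +0000] "GET /index.jsp?q=%3Cscript%3E HTTP/1.1" 404 221',
    '198.51.100.7 - - [10/Jan/2025:10:02:00 +0000] "GET /home.jsp?isError=true&Message=%3Cscript%3E HTTP/1.1" 200 560',
]

if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for ip, target, status in found:
        print(f"{ip} {status} {target}")
    print("repeat offenders:", repeat_offenders(found))
```

When porting this back into the SIEM, either decode the query string before matching or extend the rule so that `%3Cscript` and `javascript%3A` are matched alongside the literal forms; the repeat-offender count corresponds to the "multiple error page requests with similar patterns" indicator.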
