CVE-2025-15202

2.4 LOW

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts into the SohuTV CacheCloud web interface via the taskQueueList function. When users view affected pages, these scripts execute in their browsers, potentially stealing session cookies or performing unauthorized actions. Only SohuTV CacheCloud installations up to version 3.2.0 are affected.

💻 Affected Systems

Products:
  • SohuTV CacheCloud
Versions: Up to and including 3.2.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects web interface users; the Redis caching service itself is not directly vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full administrative access to CacheCloud, and potentially compromise the entire Redis caching infrastructure.

🟠 Likely Case

Attackers steal user session cookies to impersonate legitimate users, modify cache configurations, or deface the web interface.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before reaching users' browsers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available in GitHub issue #374. Attack requires user interaction (viewing malicious page).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Monitor GitHub repository for updates or apply workarounds.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Add input validation to sanitize user input in the taskQueueList function before processing.

Modify src/main/java/com/sohu/cache/web/controller/TaskController.java to implement proper input sanitization

Output Encoding (all platforms)

Implement output encoding in the web templates to neutralize any malicious scripts before rendering.

Update JSP/HTML templates to use proper output encoding functions

🧯 If You Can't Patch

  • Restrict access to CacheCloud web interface using network segmentation or firewall rules
  • Implement Content Security Policy (CSP) headers to restrict script execution

🔍 How to Verify

Check if Vulnerable:

Check CacheCloud version in web interface or configuration files. If version ≤ 3.2.0, system is vulnerable.

Check Version:

Check application.properties or web interface footer for version information

Verify Fix Applied:

Test taskQueueList function with XSS payloads after applying fixes to ensure scripts are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual task creation/modification requests
  • Requests containing script tags or JavaScript in parameters

Network Indicators:

  • HTTP requests to taskQueueList endpoint with suspicious parameters

SIEM Query:

web_access_logs WHERE uri LIKE '%taskQueueList%' AND (params CONTAINS '<script' OR params CONTAINS 'javascript:')
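
The query above matches the literal strings `<script` and `javascript:`, so it misses payloads that are still percent-encoded in the raw access log. As an added example (not from this advisory or the CacheCloud project), this Python detector decodes each query parameter before matching; the log format, URL path and parameter names in the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Indicators named on this page, plus inline event handlers (an added heuristic).
SUSPICIOUS = re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.I)
REQUEST = re.compile(r'"(?:GET|POST|PUT|DELETE|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(line):
    """Return [(param, decoded_value)] for taskQueueList requests with script-like input."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if "taskqueuelist" not in url.path.lower():
        return []  # only the endpoint named in the advisory is in scope
    hits = []
    for name, raw in parse_qsl(url.query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl has already decoded once
        if SUSPICIOUS.search(value):
            hits.append((name, value))
    return hits

def scan(lines):
    """Return [(line_number, hits)] for every flagged log line."""
    return [(i, h) for i, line in enumerate(lines, 1) if (h := suspicious_params(line))]

# Constructed sample lines; path and parameter names are hypothetical.
SAMPLE_LOG = [
    '10.0.0.5 - admin [01/Jan/2026:10:00:00 +0000] "GET /manage/task/taskQueueList?page=1 HTTP/1.1" 200 5120',
    '10.0.0.9 - user1 [01/Jan/2026:10:01:00 +0000] "GET /manage/task/taskQueueList?searchKey=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5301',
    '10.0.0.9 - user1 [01/Jan/2026:10:02:00 +0000] "GET /manage/task/taskQueueList?searchKey=%253CScRiPt%253E HTTP/1.1" 200 5290',
    '10.0.0.7 - user2 [01/Jan/2026:10:03:00 +0000] "GET /manage/app/list?name=%3Cscript%3E HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for lineno, hits in scan(SAMPLE_LOG):
        print(f"line {lineno}: {hits}")
```

Access logs normally record only the query string, so parameters sent in a POST body need request-body logging or a WAF to be visible to this check.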
