CVE-2025-15219

3.5 LOW

📋 TL;DR

This is a cross-site scripting (XSS) vulnerability in SohuTV CacheCloud: user-supplied parameters reach the pages rendered by the doMachineList/doPodList functions without sanitization, so an attacker can inject script into the web management interface. The vulnerability affects CacheCloud versions up to 3.2.0 and can be exploited remotely by authenticated users.

💻 Affected Systems

Products:
  • SohuTV CacheCloud
Versions: up to 3.2.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to exploit. The vulnerability is in the web management interface.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect users to malicious sites, or deface the application interface.

🟠

Likely Case

Session hijacking leading to unauthorized access to cache management functions, potentially allowing data manipulation or service disruption.

🟢

If Mitigated

With proper input validation and output encoding, the impact is limited to minor interface manipulation with no data compromise.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly disclosed in GitHub issues. Attack requires authenticated access to the web interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Monitor the GitHub repository for updates. Consider implementing input validation and output encoding as a temporary fix.

🔧 Temporary Workarounds

Implement Input Validation (applies to: all)

Add server-side validation to sanitize user input in the affected functions: modify src/main/java/com/sohu/cache/web/controller/MachineManageController.java to validate and sanitize input parameters.

Enable Content Security Policy (applies to: all)

Implement CSP headers to restrict script execution: add a Content-Security-Policy header to the web server configuration.

🧯 If You Can't Patch

  • Restrict network access to CacheCloud management interface to trusted IPs only
  • Implement a web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check if CacheCloud version is 3.2.0 or earlier. Review the MachineManageController.java file for lack of input sanitization in doMachineList/doPodList functions.

Check Version:

Check application version in web interface or configuration files

Verify Fix Applied:

Test the affected endpoints with XSS payloads to ensure they are properly sanitized or blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual parameter values in /machine/doMachineList or /machine/doPodList requests
  • JavaScript or HTML tags in request parameters

Network Indicators:

  • HTTP requests containing script tags or JavaScript in parameters to vulnerable endpoints

SIEM Query:

web_requests WHERE (url CONTAINS '/machine/doMachineList' OR url CONTAINS '/machine/doPodList') AND (parameters CONTAINS '<script' OR parameters CONTAINS 'javascript:')
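The SIEM query above matches literal '<script' and 'javascript:' in the request parameters, which misses percent-encoded payloads. The following is an added example (not part of this advisory) that applies the same detection logic to access log lines after URL-decoding, restricted to the two endpoints named above; the log lines and the parameter name ipLike are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Endpoints named in the advisory
VULNERABLE_PATHS = ("/machine/doMachineList", "/machine/doPodList")

# Indicators from the SIEM query, plus inline event-handler attributes.
# This is a coarse heuristic for triage, not a full XSS detector.
XSS_PATTERN = re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.IGNORECASE)

# Combined-format access log: client ident user [time] "METHOD target PROTO" status bytes
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def flag_request(line):
    """Return a dict describing a suspicious request to a vulnerable endpoint, else None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not any(parts.path.startswith(p) for p in VULNERABLE_PATHS):
        return None
    # parse_qsl decodes one layer of percent-encoding; unquote_plus catches double-encoding
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        decoded = unquote_plus(value)
        if XSS_PATTERN.search(decoded):
            return {"client": m.group("client"), "path": parts.path, "param": key, "value": decoded}
    return None


def scan_log(lines):
    """Run flag_request over every line and keep the hits, in log order."""
    return [hit for hit in (flag_request(line) for line in lines) if hit]


# Constructed sample lines (not real traffic); ipLike is a made-up parameter name
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /machine/doMachineList?ipLike=10.0.1 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [01/Jan/2025:10:00:01 +0000] "GET /machine/doPodList?ipLike=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 4096',
    '192.0.2.77 - - [01/Jan/2025:10:00:02 +0000] "GET /search?q=%3Cscript%3E HTTP/1.1" 404 212',
    '198.51.100.9 - - [01/Jan/2025:10:00:03 +0000] "GET /machine/doMachineList?ipLike=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Only query strings appear in a standard access log; parameters sent in a POST body need the application's own request logging or a reverse proxy configured to log bodies.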
