{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-57769", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-08-19T15:16:22.917Z", "datePublished": "2025-09-29T21:37:29.491Z", "dateUpdated": "2025-09-30T14:51:28.745Z"}, "containers": {"cna": {"title": "FressRSS: Clickjacking can lead to XSS and/or privilege escalation", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-1021", "lang": "en", "description": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw"}, {"name": "https://github.com/FreshRSS/FreshRSS/pull/7677", "tags": ["x_refsource_MISC"], "url": "https://github.com/FreshRSS/FreshRSS/pull/7677"}, {"name": "https://github.com/FreshRSS/FreshRSS/releases/tag/1.27.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/FreshRSS/FreshRSS/releases/tag/1.27.0"}], "affected": [{"vendor": "FreshRSS", "product": "FreshRSS", "versions": [{"version": "< 1.27.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-29T21:37:52.895Z"}, "descriptions": [{"lang": "en", "value": "FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possible, this may lead to privilege escalation via obscuring the promote user button in the admin UI or XSS by tricking the user to drag content into the UserJS text area. This is fixed in version 1.27.0"}], "source": {"advisory": "GHSA-wm5p-7pr7-c8rw", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-30T14:51:12.226653Z", "id": "CVE-2025-57769", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-30T14:51:28.745Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-57769", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-30T14:51:12.226653Z"}}}], "references": [{"url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-30T14:51:25.559Z"}}], "cna": {"title": "FressRSS: Clickjacking can lead to XSS and/or privilege escalation", "source": {"advisory": "GHSA-wm5p-7pr7-c8rw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW"}}], "affected": [{"vendor": "FreshRSS", "product": "FreshRSS", "versions": [{"status": "affected", "version": "< 1.27.0"}]}], "references": [{"url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw", "name": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/FreshRSS/FreshRSS/pull/7677", "name": "https://github.com/FreshRSS/FreshRSS/pull/7677", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/FreshRSS/FreshRSS/releases/tag/1.27.0", "name": "https://github.com/FreshRSS/FreshRSS/releases/tag/1.27.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possible, this may lead to privilege escalation via obscuring the promote user button in the admin UI or XSS by tricking the user to drag content into the UserJS text area. This is fixed in version 1.27.0"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1021", "description": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-29T21:37:52.895Z"}}}, "cveMetadata": {"cveId": "CVE-2025-57769", "state": "PUBLISHED", "dateUpdated": "2025-09-30T14:51:28.745Z", "dateReserved": "2025-08-19T15:16:22.917Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-09-29T21:37:29.491Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freshrss:freshrss:*:*:*:*:*:*:*:*", "matchCriteriaId": "5043EB51-EC2A-4735-A3E0-9E07DA94ECF7", "versionEndExcluding": "1.27.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possible, this may lead to privilege escalation via obscuring the promote user button in the admin UI or XSS by tricking the user to drag content into the UserJS text area. This is fixed in version 1.27.0"}], "id": "CVE-2025-57769", "lastModified": "2025-10-03T15:58:53.477", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-09-29T22:15:36.463", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/FreshRSS/FreshRSS/pull/7677"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/FreshRSS/FreshRSS/releases/tag/1.27.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-wm5p-7pr7-c8rw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-1021"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1021"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"created": "2025-09-30T08:47:38.112598+00:00", "updated": "2025-09-30T08:47:38.112670+00:00", "vendors": ["freshrss", "freshrss$PRODUCT$freshrss"]}