{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9096", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-17T12:53:58.111Z", "datePublished": "2025-08-17T23:32:05.435Z", "dateUpdated": "2025-08-18T17:27:38.727Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-17T23:32:05.435Z"}, "title": "ExpressGateway express-gateway REST Endpoint apps.js cross site scripting", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "Cross Site Scripting"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}], "affected": [{"vendor": "ExpressGateway", "product": "express-gateway", "versions": [{"version": "1.16.0", "status": "affected"}, {"version": "1.16.1", "status": "affected"}, {"version": "1.16.2", "status": "affected"}, {"version": "1.16.3", "status": "affected"}, {"version": "1.16.4", "status": "affected"}, {"version": "1.16.5", "status": "affected"}, {"version": "1.16.6", "status": "affected"}, {"version": "1.16.7", "status": "affected"}, {"version": "1.16.8", "status": "affected"}, {"version": "1.16.9", "status": "affected"}, {"version": "1.16.10", "status": "affected"}], "modules": ["REST Endpoint"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In ExpressGateway express-gateway bis 1.16.10 wurde eine Schwachstelle gefunden. Dabei betrifft es einen unbekannter Codeteil in der Bibliothek lib/rest/routes/apps.js der Komponente REST Endpoint. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-08-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-17T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-17T14:59:05.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Haoatao (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.320418", "name": "VDB-320418 | ExpressGateway express-gateway REST Endpoint apps.js cross site scripting", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.320418", "name": "VDB-320418 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.627833", "name": "Submit #627833 | GitHub Web Application Express Gateway 1.16.10 and possibly earlier Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://github.com/freshfish-hust/my-cves/issues/6", "tags": ["issue-tracking"]}, {"url": "https://github.com/freshfish-hust/my-cves/issues/6#issue-3287078206", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-18T17:14:30.428462Z", "id": "CVE-2025-9096", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-18T17:27:38.727Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9096", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-18T17:14:30.428462Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-18T17:26:26.521Z"}}], "cna": {"title": "ExpressGateway express-gateway REST Endpoint apps.js cross site scripting", "credits": [{"lang": "en", "type": "reporter", "value": "Haoatao (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "ExpressGateway", "modules": ["REST Endpoint"], "product": "express-gateway", "versions": [{"status": "affected", "version": "1.16.0"}, {"status": "affected", "version": "1.16.1"}, {"status": "affected", "version": "1.16.2"}, {"status": "affected", "version": "1.16.3"}, {"status": "affected", "version": "1.16.4"}, {"status": "affected", "version": "1.16.5"}, {"status": "affected", "version": "1.16.6"}, {"status": "affected", "version": "1.16.7"}, {"status": "affected", "version": "1.16.8"}, {"status": "affected", "version": "1.16.9"}, {"status": "affected", "version": "1.16.10"}]}], "timeline": [{"lang": "en", "time": "2025-08-17T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-17T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-17T14:59:05.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.320418", "name": "VDB-320418 | ExpressGateway express-gateway REST Endpoint apps.js cross site scripting", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.320418", "name": "VDB-320418 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.627833", "name": "Submit #627833 | GitHub Web Application Express Gateway 1.16.10 and possibly earlier Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://github.com/freshfish-hust/my-cves/issues/6", "tags": ["issue-tracking"]}, {"url": "https://github.com/freshfish-hust/my-cves/issues/6#issue-3287078206", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In ExpressGateway express-gateway bis 1.16.10 wurde eine Schwachstelle gefunden. Dabei betrifft es einen unbekannter Codeteil in der Bibliothek lib/rest/routes/apps.js der Komponente REST Endpoint. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Cross Site Scripting"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-17T23:32:05.435Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9096", "state": "PUBLISHED", "dateUpdated": "2025-08-18T17:27:38.727Z", "dateReserved": "2025-08-17T12:53:58.111Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-17T23:32:05.435Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad en ExpressGateway (hasta la versi\u00f3n 1.16.10). Se trata de una funci\u00f3n desconocida en la librer\u00eda lib/rest/routes/apps.js del componente REST Endpoint. La manipulaci\u00f3n provoca ataques de cross site scripting. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta vulnerabilidad, pero no respondi\u00f3."}], "id": "CVE-2025-9096", "lastModified": "2025-08-18T20:16:28.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-08-18T00:15:27.310", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/freshfish-hust/my-cves/issues/6"}, {"source": "cna@vuldb.com", "url": "https://github.com/freshfish-hust/my-cves/issues/6#issue-3287078206"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.320418"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.320418"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.627833"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"created": "2025-08-18T20:44:14.997372+00:00", "updated": "2025-08-18T20:44:14.997427+00:00", "vendors": ["express-gateway", "express-gateway$PRODUCT$express-gateway"]}