The CVE-2025-4150 vulnerability exists within the `lib/rest/routes/users.js` file of ExpressGateway. The flaw is a reflected Cross-Site Scripting (XSS) issue in a specific REST API endpoint responsible for user management. An attacker can craft a malicious HTTP GET request containing a JavaScript payload within one of the query parameters. Due to insufficient input sanitization and output encoding, the server incorporates this unsanitized payload directly into its HTML response. When an authenticated administrator views this crafted response in their browser, the embedded script executes within the context of the admin’s session, allowing for session hijacking or administrative actions.
Platform: ExpressGateway
Version: <=1.16.10
Vulnerability: Reflected XSS
Severity: Low
Date: 2025-08-17
Prediction: Patch by 2025-09-15
What Undercode Say:
curl -G "http://<gateway-ip>:8080/admin/users" --data-urlencode "filter=<script>alert('XSS')</script>"
// Malicious query parameter example
const maliciousParam = '"><img src=x onerror=alert(document.cookie)>';
How Exploit:
Craft a URL with a malicious script in the `filter` parameter and trick an admin into clicking it.
Protection from this CVE:
Update ExpressGateway, apply input sanitization, and encode output.
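The input-validation and output-encoding mitigations listed above, as an added example (not ExpressGateway's code and not from the original post). The render functions, the HTML template and the allow-list pattern are assumptions for illustration; only the `filter` parameter name and the two test strings come from this page.

```javascript
// Added illustration: not ExpressGateway source. renderUnsafe/renderSafe and
// the HTML template are hypothetical stand-ins for a handler that reflects
// the `filter` query parameter into an HTML response.

const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Output encoding for HTML element content and quoted attribute values.
// String() also covers arrays produced by repeated query parameters.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Input validation as a second layer: allow-list what a filter may contain
// (assumed policy: word characters, dot, @, space, hyphen, max 64 chars).
function isValidFilter(value) {
  return typeof value === 'string' && /^[\w.@ -]{0,64}$/.test(value);
}

// "Before": the parameter is concatenated into markup unchanged.
function renderUnsafe(filter) {
  return `<input name="filter" value="${filter}"><p>Results for ${filter}</p>`;
}

// "After": reject unexpected input, and encode everything that is echoed,
// including the value shown in the error message.
function renderSafe(filter) {
  if (!isValidFilter(filter)) {
    return { status: 400, body: `<p>Invalid filter: ${escapeHtml(filter)}</p>` };
  }
  const f = escapeHtml(filter);
  return { status: 200, body: `<input name="filter" value="${f}"><p>Results for ${f}</p>` };
}

// The two strings shown on this page, used here as regression-test input.
const payloads = [
  "<script>alert('XSS')</script>",
  '"><img src=x onerror=alert(document.cookie)>',
];

for (const p of payloads) {
  const res = renderSafe(p);
  console.log(res.status, res.body);
}
```

Encoding at the point of output is the control that matters; the allow-list only narrows what reaches it.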
Impact:
Admin session compromise, privilege escalation.
Sources:
Reported By: github.com

