Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by lakejason0
CVE-2025-25287 (GCVE-0-2025-25287)
Vulnerability from cvelistv5 – Published: 2025-02-13 15:28 – Updated: 2025-07-21 12:37
VLAI?
Title
Lakeus vulnerable to stored XSS via system messages
Summary
Lakeus is a simple skin made for MediaWiki. Starting in version 1.0.8 and prior to versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0, Lakeus is vulnerable to store cross-site scripting via malicious system messages, though editing the messages requires high privileges. Those with `(editinterface)` rights can edit system messages that are improperly handled in order to send raw HTML. In the case of `lakeus-footermessage`, this will affect all users if the server is configured to link back to this repository. Otherwise, the system messages in themeDesigner.js are only used when the user enables it in their preferences. Versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0 contain a patch.
Severity ?
4.7 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| lakejason0 | mediawiki-skins-Lakeus |
Affected:
>= 1.0.8, < 1.3.1+REL1.39
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25287",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T16:08:33.744492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T16:08:46.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Lakeus",
"vendor": "lakejason0",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.8, \u003c 1.3.1+REL1.39"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lakeus is a simple skin made for MediaWiki. Starting in version 1.0.8 and prior to versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0, Lakeus is vulnerable to store cross-site scripting via malicious system messages, though editing the messages requires high privileges. Those with `(editinterface)` rights can edit system messages that are improperly handled in order to send raw HTML. In the case of `lakeus-footermessage`, this will affect all users if the server is configured to link back to this repository. Otherwise, the system messages in themeDesigner.js are only used when the user enables it in their preferences. Versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0 contain a patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T12:37:21.292Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/lakejason0/mediawiki-skins-Lakeus/security/advisories/GHSA-mq77-3q68-v64v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lakejason0/mediawiki-skins-Lakeus/security/advisories/GHSA-mq77-3q68-v64v"
},
{
"name": "https://github.com/lakejason0/mediawiki-skins-Lakeus/commit/fb79928f06efa47677fff27e0f4755eb32b1c8d9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lakejason0/mediawiki-skins-Lakeus/commit/fb79928f06efa47677fff27e0f4755eb32b1c8d9"
},
{
"name": "https://github.com/lakejason0/mediawiki-skins-Lakeus/blob/82ad2cd341f85b814a6a0f37969e6210ebf2521d/includes/SkinLakeus.php#L27",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lakejason0/mediawiki-skins-Lakeus/blob/82ad2cd341f85b814a6a0f37969e6210ebf2521d/includes/SkinLakeus.php#L27"
},
{
"name": "https://github.com/lakejason0/mediawiki-skins-Lakeus/blob/82ad2cd341f85b814a6a0f37969e6210ebf2521d/resources/themeDesigner.js",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lakejason0/mediawiki-skins-Lakeus/blob/82ad2cd341f85b814a6a0f37969e6210ebf2521d/resources/themeDesigner.js"
}
],
"source": {
"advisory": "GHSA-mq77-3q68-v64v",
"discovery": "UNKNOWN"
},
"title": "Lakeus vulnerable to stored XSS via system messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-25287",
"datePublished": "2025-02-13T15:28:40.074Z",
"dateReserved": "2025-02-06T17:13:33.121Z",
"dateUpdated": "2025-07-21T12:37:21.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}