SecuriTricks - CVE-2025-0209

Description

A reflected cross-site scripting (XSS) vulnerability exists in the account registration flow of WSO2 Identity Server due to improper output encoding. A malicious actor can exploit this vulnerability by injecting a crafted payload that is reflected in the server response, enabling the execution of arbitrary JavaScript in the victim's browser. This vulnerability could allow attackers to redirect users to malicious websites, modify the user interface, or exfiltrate data from the browser. However, session-related sensitive cookies are protected using the httpOnly flag, which mitigates the risk of session hijacking.

Product(s) Impacted

Vendor	Product	Versions
Wso2	Wso2 Identity Server	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	wso2	wso2_identity_server	/	/	/	/	/	/	/	/

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/

CVSS Score

6.1 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

View Vector String

Timeline

Published: Sept. 23, 2025, 6:15 p.m.
Last Modified: Sept. 24, 2025, 6:11 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

ed10eef1-636d-4fbe-9993-6890dfa878f8

CVE-2025-0209