CVE-2025-27800

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-27800
The Episerver Content Management System (CMS) by Optimizely was affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities. This allowed an authenticated attacker to execute malicious JavaScript code in the victim's browser. The Admin dashboard offered the functionality to add gadgets to the dashboard. This included the "Notes" gadget. An authenticated attacker with the corresponding access rights (such as "WebAdmin") that was impersonating the victim could insert malicious JavaScript code in these notes that would be executed if the victim visited the dashboard. Affected products: Version 11.X: EPiServer.CMS.Core (<11.21.4) with EPiServer.CMS.UI (<11.37.5), Version 12.X: EPiServer.CMS.Core (<12.22.1) with EPiServer.CMS.UI (<11.37.3)

4.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://api.nuget.optimizely.com/packages/episerver.cms.core/11.21.4#
https://api.nuget.optimizely.com/packages/episerver.cms.core/12.22.1#
https://r.sec-consult.com/optimizely
Configurations

No configuration.

History

29 Jul 2025, 14:14

Type Values Removed Values Added
Summary
  • (es) Episerver Content Management System (CMS) by Optimizely se vio afectado por múltiples vulnerabilidades de Cross-Site Scripting (XSS) almacenado. Esto permitió que un atacante autenticado ejecutara código JavaScript malicioso en el navegador de la víctima. El panel de administración permitía añadir gadgets, incluido el gadget "Notes". Un atacante autenticado con los permisos de acceso correspondientes (como "WebAdmin") que se hiciera pasar por la víctima podía insertar código JavaScript malicioso en estas notas, que se ejecutaría si la víctima visitaba el panel. Productos afectados: Versión 11.X: EPiServer.CMS.Core (&lt;11.21.4) con EPiServer.CMS.UI (&lt;11.37.5), Versión 12.X: EPiServer.CMS.Core (&lt;12.22.1) con EPiServer.CMS.UI (&lt;11.37.3).

29 Jul 2025, 10:15

Type Values Removed Values Added
References
  • {'url': 'https://support.optimizely.com/hc/en-us/articles/30886353301645-2025-Optimizely-CMS-11-PaaS-release-notes#h_01K09MR1SZS4FEAPD4478GQ0FR', 'source': '551230f0-3615-47bd-b7cc-93e92e730bbf'}
  • {'url': 'https://support.optimizely.com/hc/en-us/articles/37757063222029-2024-Optimizely-CMS-12-PaaS-release-notes#h_01JN4AZV48WKNADH3KWC2GYDS5', 'source': '551230f0-3615-47bd-b7cc-93e92e730bbf'}
  • () https://api.nuget.optimizely.com/packages/episerver.cms.core/11.21.4# -
  • () https://api.nuget.optimizely.com/packages/episerver.cms.core/12.22.1# -
  • () https://r.sec-consult.com/optimizely -

28 Jul 2025, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-28 09:15

Updated : 2025-07-29 14:14

NVD link : CVE-2025-27800

Mitre link : CVE-2025-27800

CVE.ORG link : CVE-2025-27800

JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')