CVE-2025-50977 — MEDIUM (6.1)

Vulnerability Description

A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute JavaScript code in the context of the application. The flaw can be exploited through GET requests to the summary endpoint as well as POST requests to specific Wicket interface endpoints, though the GET method provides easier weaponization. This vulnerability enables authenticated administrators to execute arbitrary client-side code, potentially leading to session hijacking, data theft, or further privilege escalation attacks.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Gitblit	Gitblit	1.7.1

Related Weaknesses (CWE)

CWE-79

References

https://github.com/4rdr/proofs/blob/main/info/gitblit-v1.7.1-reflected-XSS-via-aExploitThird Party Advisory
https://github.com/4rdr/proofs/blob/main/info/gitblit-v1.7.1-reflected-XSS-via-aExploitThird Party Advisory

FAQ

What is CVE-2025-50977?

CVE-2025-50977 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists...

How severe is CVE-2025-50977?

CVE-2025-50977 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-50977?

Check the references section above for vendor advisories and patch information. Affected products include: Gitblit Gitblit.