CVE-2025-23767 in Marmoset Viewer Plugin

Summary

by MITRE • 01/16/2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Revolutionart Marmoset Viewer allows Stored XSS. This issue affects Marmoset Viewer: from n/a through 1.9.3.


Analysis

by VulDB Data Team • 02/10/2025

The vulnerability identified as CVE-2025-23767 represents a critical cross-site scripting weakness in the Revolutionart Marmoset Viewer software, specifically classified under CWE-79 as improper neutralization of input during web page generation. This flaw enables attackers to inject malicious scripts into web pages viewed by other users, creating a persistent security risk that can compromise user sessions and data integrity. The vulnerability exists within the viewer's handling of user-provided input during the dynamic generation of web content, where insufficient sanitization allows malicious payloads to be stored and subsequently executed when other users access the affected pages.

The technical implementation of this stored XSS vulnerability occurs when the Marmoset Viewer application fails to properly validate and sanitize user input before incorporating it into dynamically generated web pages. Attackers can exploit this weakness by submitting malicious script code through input fields or parameters that are then stored within the application's database or memory. When other users subsequently view the affected content, the stored script executes in their browsers, potentially stealing session cookies, redirecting them to malicious sites, or performing unauthorized actions on their behalf. This particular vulnerability affects all versions of the Marmoset Viewer from the initial release through version 1.9.3, indicating a long-standing flaw in the software's input handling mechanisms.

The operational impact of this vulnerability extends beyond simple script execution, as it can enable sophisticated attack vectors that align with ATT&CK technique T1531 for credential access through the theft of session tokens and user authentication data. Organizations utilizing the Marmoset Viewer for 3D content presentation and sharing face significant risks including potential data breaches, unauthorized access to sensitive information, and compromise of user accounts. The stored nature of this XSS vulnerability means that the malicious code persists even after the initial attack, allowing attackers to maintain access to affected systems over extended periods. This characteristic makes the vulnerability particularly dangerous for environments where the viewer is used for collaborative work or contains confidential content that users expect to be secure.

Mitigation strategies for CVE-2025-23767 should prioritize immediate remediation through the application of security patches or updates provided by Revolutionart, as the vulnerability affects multiple versions of the software. Organizations must implement comprehensive input validation and output encoding mechanisms that follow the OWASP XSS Prevention Cheat Sheet guidelines, ensuring that all user-provided content is properly escaped before being rendered in web pages. Network segmentation and web application firewalls can provide additional layers of protection, while regular security audits and penetration testing should verify that input sanitization measures are effectively preventing XSS attacks. The implementation of Content Security Policy headers can also limit the execution of unauthorized scripts, providing defense-in-depth against potential exploitation attempts. Organizations should also consider conducting user awareness training to help identify potential social engineering attempts that might exploit this vulnerability.
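The output-encoding and Content Security Policy measures described above, as an added example that is not Revolutionart's code. The page does not name the affected field, so the record fields (`src`, `width`, `title`), the markup and the sample values are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Response header as defence in depth: inline script and event-handler
# attributes are refused even if an encoding step is missed somewhere.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'")

def render_unsafe(rec):
    """Flawed pattern: stored values are concatenated into markup as-is."""
    return ('<div class="viewer" data-src="%s" data-width="%s">'
            '<h3>%s</h3></div>' % (rec["src"], rec["width"], rec["title"]))

def checked_url(value):
    """Allow only absolute https URLs; anything else yields None."""
    try:
        parts = urlsplit(value)
    except ValueError:
        return None
    return value if parts.scheme == "https" and parts.netloc else None

def checked_width(value, default=800):
    """Accept 1-4 ASCII digits within a sane range, else use the default."""
    if re.fullmatch(r"[0-9]{1,4}", str(value)) and 100 <= int(value) <= 4000:
        return int(value)
    return default

def render_safe(rec):
    """Validate by type, then HTML-encode every value at the point of output."""
    src = checked_url(rec["src"])
    if src is None:
        return ""  # refuse to render an embed with an unacceptable source
    return ('<div class="viewer" data-src="%s" data-width="%d">'
            '<h3>%s</h3></div>' % (html.escape(src, quote=True),
                                   checked_width(rec["width"]),
                                   html.escape(rec["title"], quote=True)))

# Constructed stored record (hypothetical fields) with markup in two values.
STORED = {"src": "https://cdn.example/scene.mview?a=1&b=2",
          "width": '800" onmouseover="alert(1)',
          "title": "<script>alert(1)</script>"}

if __name__ == "__main__":
    print(render_unsafe(STORED))
    print(render_safe(STORED))
    print("%s: %s" % CSP_HEADER)
```

Encoding is applied when the value is written into the page, so records stored before the fix are rendered inert as well.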

Responsible

Patchstack

Reservation

01/16/2025

Disclosure

01/16/2025

Moderation

accepted

CPE

ready

EPSS

0.00301

KEV

no

Activities

very low

Sources
