CVE-2025-15145 is a cross-site scripting (XSS) vulnerability identified in SohuTV CacheCloud versions 3.0 through 3.2.0. The vulnerability resides in the doTotalList function within the TotalManageController.java source file. This function fails to properly sanitize user-supplied input, allowing an attacker to inject malicious JavaScript code that executes in the context of the victim’s browser. The attack vector is remote, requiring no prior authentication, but user interaction is necessary to trigger the malicious script. The vulnerability was responsibly disclosed to the project maintainers, but no patch or official response has been provided as of the publication date. The CVSS 4.8 score reflects a medium severity, with the vector indicating network attack vector, low attack complexity, no privileges required, but user interaction needed. The impact primarily affects integrity by enabling script injection, potentially leading to session hijacking, defacement, or redirection to malicious sites. Confidentiality and availability impacts are minimal or none. No known exploits are currently active in the wild, but public disclosure increases the risk of exploitation. The lack of vendor response and patch availability heightens the urgency for users to implement mitigations or consider alternative solutions.

For European organizations, exploitation of this XSS vulnerability could lead to compromised user sessions, unauthorized actions performed on behalf of users, and potential defacement or phishing attacks via injected scripts. This can erode user trust, cause reputational damage, and potentially expose sensitive user data if session tokens or credentials are stolen. While the vulnerability does not directly compromise system availability or confidentiality, the integrity of web interactions is at risk. Organizations relying on CacheCloud for caching or distributed system management may see indirect impacts if attackers leverage this vulnerability as an initial foothold for further attacks. The absence of a patch means organizations must rely on compensating controls to mitigate risk. The medium severity suggests that while the threat is not critical, it is significant enough to warrant prompt attention, especially in sectors with high regulatory requirements such as finance, healthcare, and critical infrastructure within Europe.

1. Implement strict input validation and output encoding on all user-supplied data processed by the doTotalList function or related endpoints to prevent script injection. 2. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 3. Restrict access to the vulnerable endpoints using network-level controls such as IP whitelisting or VPNs to limit exposure. 4. Monitor web application logs and user activity for unusual patterns indicative of XSS exploitation attempts. 5. Educate users about the risks of interacting with suspicious links or content that could trigger XSS attacks. 6. Consider deploying web application firewalls (WAFs) with rules specifically targeting XSS payloads. 7. Engage with the vendor or community to track patch releases or updates and plan for timely application once available. 8. If feasible, evaluate alternative caching solutions that do not exhibit this vulnerability. 9. Conduct regular security assessments and penetration testing focusing on web application vulnerabilities including XSS. 10. Ensure that session management uses secure, HttpOnly, and SameSite cookies to reduce the impact of potential script injection.