Skip to main content

CVE-2025-28976: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in dsrodzin Email Address Security by WebEmailProtector

Medium
VulnerabilityCVE-2025-28976cvecve-2025-28976cwe-79
Published: Fri Jul 04 2025 (07/04/2025, 11:18:09 UTC)
Source: CVE Database V5
Vendor/Project: dsrodzin
Product: Email Address Security by WebEmailProtector

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dsrodzin Email Address Security by WebEmailProtector allows Stored XSS. This issue affects Email Address Security by WebEmailProtector: from n/a through 3.3.6.

AI-Powered Analysis

AILast updated: 07/04/2025, 12:11:03 UTC

Technical Analysis

CVE-2025-28976 is a medium severity vulnerability classified under CWE-79, which pertains to Improper Neutralization of Input During Web Page Generation, commonly known as Cross-site Scripting (XSS). This specific vulnerability affects the product 'Email Address Security by WebEmailProtector' developed by dsrodzin, in versions up to and including 3.3.6. The vulnerability allows for Stored XSS attacks, meaning that malicious input submitted by an attacker is stored by the application and later rendered in web pages without proper sanitization or encoding. This can lead to the execution of arbitrary JavaScript code in the context of users who view the affected pages. The CVSS v3.1 base score is 6.5, indicating a medium severity level. The vector string (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) reveals that the attack can be performed remotely over the network (AV:N) with low attack complexity (AC:L), but requires some level of privileges (PR:L) and user interaction (UI:R). The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. The impact on confidentiality, integrity, and availability is low to medium (C:L/I:L/A:L). No known exploits are currently reported in the wild, and no patches are linked yet. The vulnerability was reserved in March 2025 and published in July 2025. Stored XSS vulnerabilities can be exploited to steal user credentials, perform actions on behalf of users, or deliver malware, especially in webmail or email security contexts where sensitive information is handled.

Potential Impact

For European organizations, this vulnerability poses a significant risk especially to those using the affected Email Address Security by WebEmailProtector product. Since this product is designed to protect email addresses, exploitation of this Stored XSS could lead to unauthorized access to sensitive email data, phishing attacks, session hijacking, or spreading malware within corporate networks. The impact is heightened in sectors with strict data protection regulations such as GDPR, where leakage of personal data or unauthorized actions could result in regulatory penalties and reputational damage. Organizations relying on this product for email security may face compromised confidentiality and integrity of communications. Additionally, the changed scope (S:C) suggests that exploitation could affect multiple components or users beyond the initially targeted system, increasing the potential damage. The requirement for some privileges and user interaction means that attackers might need to compromise a user account or trick users into clicking malicious links, but once successful, the attack could propagate within the organization’s environment.

Mitigation Recommendations

1. Immediate mitigation should include disabling or restricting the vulnerable functionality in Email Address Security by WebEmailProtector until a patch is available. 2. Implement strict input validation and output encoding on all user-supplied data, especially in areas where email addresses are processed or displayed. 3. Employ Content Security Policy (CSP) headers to reduce the impact of XSS by restricting the execution of unauthorized scripts. 4. Conduct thorough security reviews and penetration testing focusing on stored XSS vectors in the affected product. 5. Educate users about the risks of clicking on suspicious links or interacting with unexpected email content to reduce the likelihood of user interaction exploitation. 6. Monitor logs and network traffic for unusual activities that could indicate exploitation attempts. 7. Once available, promptly apply vendor patches or updates addressing this vulnerability. 8. Consider deploying web application firewalls (WAFs) with rules tuned to detect and block XSS payloads targeting this product.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-03-11T08:10:36.160Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6867b9f06f40f0eb72a0497a

Added to database: 7/4/2025, 11:24:32 AM

Last enriched: 7/4/2025, 12:11:03 PM

Last updated: 7/22/2025, 12:13:39 AM

Views: 9

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats