CVE-2025-58823 is a stored Cross-site Scripting (XSS) vulnerability classified under CWE-79, affecting the product "Get Cash" by The African Boss, up to version 3.2.2. The vulnerability arises due to improper neutralization of input during web page generation, allowing malicious scripts to be stored and later executed in the context of users' browsers. Stored XSS occurs when user-supplied input is not properly sanitized or encoded before being included in web pages, enabling attackers to inject malicious JavaScript code that executes whenever a victim accesses the affected page. This can lead to session hijacking, credential theft, defacement, or redirection to malicious sites. The CVSS v3.1 base score is 6.5 (medium severity), with vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L, indicating that the attack can be performed remotely over the network with low attack complexity, requires low privileges and user interaction, and impacts confidentiality, integrity, and availability to a limited extent but with scope changed (affecting components beyond the vulnerable one). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is notable because stored XSS can have persistent effects and impact multiple users, especially in web applications handling sensitive financial or personal data, as suggested by the product name "Get Cash."

For European organizations, the impact of this vulnerability depends on the adoption of the "Get Cash" product within their infrastructure. If used in financial or transactional environments, stored XSS can lead to significant risks including theft of user credentials, session tokens, or sensitive financial data, potentially enabling fraud or unauthorized transactions. The vulnerability could also facilitate lateral movement or persistent access if attackers leverage stolen credentials or session information. Additionally, reputational damage and regulatory penalties under GDPR could arise if personal data is compromised. The scope change in the CVSS vector suggests that the vulnerability could affect components beyond the immediate application, potentially impacting integrated systems or services. Although no active exploits are known, the medium severity and ease of exploitation with low privileges and user interaction mean that attackers could weaponize this vulnerability if it becomes publicly exploited, posing a tangible threat to European organizations relying on this software.

To mitigate this vulnerability, organizations should implement strict input validation and output encoding on all user-supplied data before rendering it in web pages, using context-appropriate encoding (e.g., HTML entity encoding). Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of XSS attacks. Regularly audit and sanitize stored data to detect and remove malicious payloads. Since no official patches are currently available, organizations should consider temporary mitigations such as disabling or restricting features that accept user input or isolating the affected application in a segmented network zone. Monitoring web application logs for suspicious input patterns and user behavior can help detect exploitation attempts early. Additionally, educating users about the risks of interacting with suspicious links or content can reduce the likelihood of successful exploitation. Once patches are released, prompt application of updates is critical. Finally, conducting security code reviews and penetration testing focused on XSS vulnerabilities will help identify and remediate similar issues proactively.