cvelistv5 - CVE-2025-53354

CVE-2025-53354 (GCVE-0-2025-53354)

Vulnerability from cvelistv5 – Published: 2025-10-03 19:32 – Updated: 2025-10-03 19:42

Title

NiceGUI is vulnerable to Reflected XSS attack

Summary

NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user’s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/zauberzeug/nicegui/security/ad…	x_refsource_CONFIRM
	https://github.com/zauberzeug/nicegui/commit/4673…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	zauberzeug	nicegui	Affected: < 3.0.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53354",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T19:41:55.791075Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T19:42:40.273Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nicegui",
          "vendor": "zauberzeug",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or  ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user\u2019s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T19:32:21.521Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f"
        },
        {
          "name": "https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775"
        }
      ],
      "source": {
        "advisory": "GHSA-8c95-hpq2-w46f",
        "discovery": "UNKNOWN"
      },
      "title": "NiceGUI is vulnerable to Reflected XSS attack"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-53354",
    "datePublished": "2025-10-03T19:32:21.521Z",
    "dateReserved": "2025-06-27T12:57:16.120Z",
    "dateUpdated": "2025-10-03T19:42:40.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-53354\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-03T20:15:33.000\",\"lastModified\":\"2025-10-06T14:56:47.823\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or  ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user\u2019s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-53354\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-03T19:41:55.791075Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-03T19:42:00.701Z\"}}], \"cna\": {\"title\": \"NiceGUI is vulnerable to Reflected XSS attack\", \"source\": {\"advisory\": \"GHSA-8c95-hpq2-w46f\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"zauberzeug\", \"product\": \"nicegui\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.0.0\"}]}], \"references\": [{\"url\": \"https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f\", \"name\": \"https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775\", \"name\": \"https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or  ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user\\u2019s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-03T19:32:21.521Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-53354\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-03T19:42:40.273Z\", \"dateReserved\": \"2025-06-27T12:57:16.120Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-03T19:32:21.521Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-8C95-HPQ2-W46F

Vulnerability from github – Published: 2025-10-03 19:19 – Updated: 2025-10-13 15:10

Summary

NiceGUI has a Reflected XSS

Details

Summary

A Cross-Site Scripting (XSS) risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html(). Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() without escaping may allow attackers to execute arbitrary JavaScript in the user’s browser. Same holds for ui.chat_message with HTML content.

Applications that directly reflect user input via ui.html() (or ui.chat_message in HTML mode) are affected. This may lead to client-side code execution (e.g., session hijacking or phishing). Applications that do not pass untrusted input into ui.html() are not affected.

Details

NiceGUI allows developers to bind user input directly into the DOM using ui.html() or ui.chat_message(). However, the library does not enforce any HTML or JavaScript sanitization, which potentially creates a dangerous attack surface for developers unaware of this behavior.

The vulnerable code path appears when combining these:

ui.input("XSS Input:", on_change=inject)
def inject(e):
    ui.html(f'{e.value}')

In this setup, any input provided by the user is rendered verbatim into the page’s DOM via innerHTML, enabling injection of script-based payloads.

PoC (Proof of Concept)

Create a simple app:

```python from nicegui import ui

@ui.page('/') def main(): def inject(e): ui.html(f'{e.value}') # vulnerable use

   ui.input("XSS Input:", on_change=inject)

ui.run() ```

Run the app:

bash python app.py

In the browser, input the following payload:

html <img src=x onerror=alert('XSS')>

Observe the JavaScript alert popup:

XSS

Impact

Vulnerability type: Reflected Cross-Site Scripting (XSS)
Attack vector: User input rendered as raw HTML
Affected users: Any NiceGUI-based application using ui.html() or ui.chat_message() with HTML content from user input

Severity ?

6.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "nicegui"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-53354"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-03T19:19:17Z",
    "nvd_published_at": "2025-10-03T20:15:33Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nA Cross-Site Scripting (XSS) risk exists in NiceGUI when developers render unescaped user input into the DOM using `ui.html()`. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like `ui.input()` with `ui.html()` without escaping may allow attackers to execute arbitrary JavaScript in the user\u2019s browser. Same holds for `ui.chat_message` with HTML content.\n\nApplications that directly reflect user input via `ui.html()` (or `ui.chat_message` in HTML mode) are affected. This may lead to client-side code execution (e.g., session hijacking or phishing). Applications that do not pass untrusted input into ui.html() are not affected.\n\n### Details\n\nNiceGUI allows developers to bind user input directly into the DOM using `ui.html()` or `ui.chat_message()`. However, the library does not enforce any HTML or JavaScript sanitization, which potentially creates a dangerous attack surface for developers unaware of this behavior.\n\nThe vulnerable code path appears when combining these:\n\n```python\nui.input(\"XSS Input:\", on_change=inject)\ndef inject(e):\n    ui.html(f\u0027{e.value}\u0027)\n```\n\nIn this setup, any input provided by the user is rendered **verbatim** into the page\u2019s DOM via innerHTML, enabling injection of script-based payloads.\n\n### PoC (Proof of Concept)\n\n1. Create a simple app:\n\n   ```python\n   from nicegui import ui\n\n   @ui.page(\u0027/\u0027)\n   def main():\n       def inject(e):\n           ui.html(f\u0027{e.value}\u0027)  # vulnerable use\n\n       ui.input(\"XSS Input:\", on_change=inject)\n\n   ui.run()\n   ```\n\n2. Run the app:\n\n   ```bash\n   python app.py\n   ```\n\n3. In the browser, input the following payload:\n\n   ```html\n   \u003cimg src=x onerror=alert(\u0027XSS\u0027)\u003e\n   ```\n\n4. Observe the JavaScript alert popup:\n\n   ```\n   XSS\n   ```\n\n### Impact\n\n* **Vulnerability type:** Reflected Cross-Site Scripting (XSS)\n* **Attack vector:** User input rendered as raw HTML\n* **Affected users:** Any NiceGUI-based application using `ui.html()` or `ui.chat_message()` with HTML content from user input",
  "id": "GHSA-8c95-hpq2-w46f",
  "modified": "2025-10-13T15:10:03Z",
  "published": "2025-10-03T19:19:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53354"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/zauberzeug/nicegui"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "NiceGUI has a Reflected XSS"
}

FKIE_CVE-2025-53354

Vulnerability from fkie_nvd - Published: 2025-10-03 20:15 - Updated: 2025-10-06 14:56

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775
	security-advisories@github.com	https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or  ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user\u2019s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0."
    }
  ],
  "id": "CVE-2025-53354",
  "lastModified": "2025-10-06T14:56:47.823",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-03T20:15:33.000",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/zauberzeug/nicegui/commit/4673dc35c94a0c7339e2164378b0977332e60775"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/zauberzeug/nicegui/security/advisories/GHSA-8c95-hpq2-w46f"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-53354 (GCVE-0-2025-53354)

GHSA-8C95-HPQ2-W46F

Summary

Details

PoC (Proof of Concept)

Impact

FKIE_CVE-2025-53354

Tags

Sightings

Nomenclature