Cyber Resilience

CVE-2025-51464

High · Public PoC

Published: 22 July 2025
Modified: 11 September 2025
KEV Added:
Patch:
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0188 (83.5th percentile)
Risk Priority: 19 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-51464 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Aimstack Aim. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 16.5% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-18 (Mobile Code) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-51464 is a cross-site scripting vulnerability in Aim version 3.28.0 from aimhubio. It stems from insufficient input sanitization on the /api/reports endpoint, where submitted Python code is processed by Pyodide without sandbox restrictions, allowing direct calls to pyodide.code.run_js() that execute arbitrary JavaScript in the browser of anyone viewing the resulting report.

An unauthenticated remote attacker can submit malicious Python payloads to the endpoint. When a victim subsequently views the generated report, the embedded JavaScript executes with the victim's privileges, enabling theft of session data, account takeover, or other actions. This is consistent with the CVSS 8.8 rating, which reflects a network attack vector, low attack complexity, no privileges required, user interaction required, and high impact to confidentiality, integrity, and availability.

The associated GitHub repository, pull request 3333, and Gecko Security analysis provide details on the affected code paths and remediation steps for the reported issue. The EPSS score has remained flat at 0.0188 with no material increase observed since disclosure.

Vulnerability details

Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims' browsers via malicious Python code submitted to the /api/reports endpoint, which is interpreted and executed by Pyodide when the report is viewed. No sanitisation or sandbox restrictions prevent JavaScript execution via pyodide.code.run_js().

CWE(s)

CWE-79 Cross-site Scripting

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.007 JavaScript (Execution): Adversaries may abuse various implementations of JavaScript for execution.
Why these techniques?

XSS in the public-facing /api/reports endpoint enables direct exploitation over the network (T1190), and the resulting arbitrary JavaScript execution in the victim's browser via Pyodide maps to T1059.007.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-8769 (same product: Aimstack Aim)
CVE-2024-7760 (same product: Aimstack Aim)
CVE-2024-8238 (same product: Aimstack Aim)
CVE-2025-0189 (same product: Aimstack Aim)
CVE-2025-0190 (same product: Aimstack Aim)
CVE-2026-3231 (shared CWE-79)
CVE-2025-23481 (shared CWE-79)
CVE-2025-69302 (shared CWE-79)
CVE-2025-23734 (shared CWE-79)
CVE-2025-23571 (shared CWE-79)

Affected Assets

aimstack aim 3.28.0

Mitigating Controls (NIST 800-53 r5) AI

prevent (SI-10, Information Input Validation)

Requires validation of Python code submitted to the /api/reports endpoint to block payloads that invoke pyodide.code.run_js() for arbitrary JavaScript execution.

prevent (SC-18, Mobile Code)

Mandates restrictions on mobile code execution, directly addressing the lack of sandboxing or other controls preventing JavaScript from being run via Pyodide in the browser when a report is viewed.

prevent

Enforces filtering of report content before it is processed by Pyodide, preventing cross-site scripting through unsanitised code executing in victims' browsers.
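As an added illustration of the SI-10 style validation described above (example code written for this page, not Aim's own fix or the upstream patch), the audit below parses a submitted report script and flags references to the run_js primitive named in this advisory, imports of the Pyodide JS bridge (the `js` module is assumed as the bridge name), and the dynamic lookups a payload could use to reach them indirectly. The sample scripts are constructed; the JavaScript in the suspect one is inert.

```python
import ast
from dataclasses import dataclass

# Module roots that give report code a path into the browser's JavaScript
# engine when Pyodide executes it ("js" is assumed to be the bridge module).
BRIDGE_MODULES = {"pyodide", "js"}
# The primitive named in the advisory, plus dynamic lookups a payload could
# use to reach it without spelling the name out statically.
BLOCKED_NAMES = {"run_js", "getattr", "__import__", "exec", "eval"}


@dataclass
class Finding:
    line: int
    reason: str


def audit_report_code(source: str) -> list:
    """Statically audit Python submitted for a report; an empty list is clean.

    This is defence in depth for input validation only. It is not a sandbox:
    only executing untrusted code in an isolated context (SC-18) actually
    removes the XSS primitive.
    """
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [Finding(exc.lineno or 0, "submission does not parse")]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]
        else:
            names = []
        for name in names:
            if name.split(".")[0] in BRIDGE_MODULES:
                findings.append(Finding(node.lineno, f"imports JS bridge module {name!r}"))
        # Catches pyodide.code.run_js(...) and any other obj.run_js reference.
        if isinstance(node, ast.Attribute) and node.attr in BLOCKED_NAMES:
            findings.append(Finding(node.lineno, f"references .{node.attr}"))
        # Catches bare run_js(...), getattr(...), exec(...), __import__(...).
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name) \
                and node.func.id in BLOCKED_NAMES:
            findings.append(Finding(node.lineno, f"calls {node.func.id}()"))
    return findings


# Constructed samples: a benign report and one touching the advisory's primitive.
BENIGN = "import math\nprint(math.sqrt(16))\n"
SUSPECT = "import pyodide\npyodide.code.run_js('1 + 1')\n"
```

A rejected submission should be logged with the finding line and reason so that repeated probing of /api/reports is visible to monitoring.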

References