CVE-2025-51464
Published: 22 July 2025
Summary
CVE-2025-51464 is a high-severity Cross-site Scripting (CWE-79) vulnerability in Aimstack Aim. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 27.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-18 (Mobile Code) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Requires validation of Python code submitted to the /api/reports endpoint to block malicious payloads that invoke pyodide.code.run_js() for arbitrary JavaScript execution.
Mandates restrictions on mobile code execution, directly addressing the lack of sandboxing or controls preventing JavaScript run via Pyodide in the browser when viewing reports.
Enforces filtering of report content prior to processing by Pyodide to prevent cross-site scripting through unsanitized output execution in victims' browsers.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
XSS in public-facing /api/reports endpoint enables direct exploitation (T1190) and arbitrary JS execution in browser via Pyodide (T1059.007).
NVD Description
Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims' browsers via malicious Python code submitted to the /api/reports endpoint, which is interpreted and executed by Pyodide when the report is viewed. No sanitisation or sandbox restrictions prevent JavaScript execution via pyodide.code.run_js().
Deeper analysis
CVE-2025-51464 is a Cross-site Scripting (XSS) vulnerability in aimhubio Aim version 3.28.0. The flaw allows remote attackers to execute arbitrary JavaScript in victims' browsers by submitting malicious Python code to the /api/reports endpoint. This code is interpreted and executed by Pyodide when the report is viewed, as there are no sanitization measures or sandbox restrictions to prevent JavaScript execution via pyodide.code.run_js(). The vulnerability carries a CVSS score of 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and maps to CWE-79.
Unauthenticated remote attackers can exploit this issue by posting crafted Python code embedding JavaScript to the /api/reports endpoint. Exploitation requires a victim to view the resulting report in their browser, at which point Pyodide processes the malicious payload and runs the JavaScript in the browser context. Successful attacks enable arbitrary JavaScript execution, potentially leading to theft of session cookies, account takeover, or other client-side compromises with high impacts on confidentiality, integrity, and availability.
The aimhubio/aim GitHub repository includes pull request #3333 addressing the vulnerability. Further technical details are available in the Gecko Security blog post at https://www.gecko.security/blog/cve-2025-51464. Security practitioners should review these resources and ensure Aim deployments are updated to mitigate the issue.
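As an added illustration of the SI-10 input-validation control described above (example code written for this page; it is not Aim's code and not the change made in pull request #3333), the following AST-based pre-check shows what a hypothetical /api/reports handler could run on submitted Python to flag calls to pyodide.code.run_js, including calls made through import aliases. The sample report bodies are constructed.

```python
import ast

# Constructed sample report bodies for this example; none comes from the advisory.
BENIGN_REPORT = "values = [1, 2, 3]\nprint(sum(values) / len(values))\n"
DIRECT_REPORT = 'import pyodide.code\npyodide.code.run_js("/* placeholder */")\n'
ALIASED_REPORT = 'from pyodide.code import run_js as rj\nrj("/* placeholder */")\n'
BLOCKED_CALLS = {"pyodide.code.run_js"}  # the Python-to-JS bridge named in the advisory

def _dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None
    parts.append(node.id)
    return ".".join(reversed(parts))

def find_js_bridge_calls(source):
    """Return (line, qualified name) for each blocked call, after resolving import aliases."""
    tree = ast.parse(source)
    aliases = {}  # local binding -> qualified name it refers to
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.asname:
                    aliases[a.asname] = a.name
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    findings = []
    for node in ast.walk(tree):
        name = _dotted_name(node.func) if isinstance(node, ast.Call) else None
        if name is None:
            continue
        head, _, rest = name.partition(".")
        qualified = aliases.get(head, head) + (f".{rest}" if rest else "")
        if qualified in BLOCKED_CALLS:
            findings.append((node.lineno, qualified))
    return findings

def is_report_accepted(source):
    """Hypothetical gate for /api/reports: reject unparsable code or any blocked call."""
    try:
        return not find_js_bridge_calls(source)
    except SyntaxError:
        return False
```

A syntactic check of this kind is a detection aid only, since dynamically constructed code can evade it; it complements the SC-18 restriction on mobile-code execution and updating Aim, it does not replace them.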
Details
- CWE(s)