CVE-2025-52552
Published: 21 June 2025
Summary
CVE-2025-52552 is a medium-severity Cross-site Scripting (CWE-79) vulnerability in Fastgpt Fastgpt. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Web Portal Capture (T1056.003); ranked at the 43.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as LLM Application Platforms; in the Other ATLAS/OWASP Terms risk domain.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-18916
Vulnerability details
FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or…
more
redirect them to attacker-controlled sites. This issue has been patched in version 4.9.12.
- CWE(s)
AI Security AnalysisAI
- AI Category
- LLM Application Platforms
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
DOM-based XSS on login page enables JS execution to capture login credentials (T1056.003) and steal session cookies (T1539). Open redirect facilitates phishing via crafted links to malicious sites (T1566.002). Vulnerability is in public-facing web app (T1190).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates web inputs to reject script-related content that could produce XSS.
Security awareness includes verifying URLs and avoiding untrusted redirects that lead to malicious sites.
Penetration testing submits XSS payloads to web applications, detecting cross-site scripting flaws for subsequent remediation.
Output validation against expected content can reject or sanitize script content in generated web pages, reducing XSS exploitability.