{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5015", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2025-05-20T17:51:22.600Z", "datePublished": "2025-06-25T16:23:54.248Z", "dateUpdated": "2025-06-25T20:09:56.654Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Parsons Utility Enterprise Data Management", "vendor": "Parsons", "versions": [{"status": "affected", "version": "5.18"}, {"status": "affected", "version": "5.03"}, {"lessThanOrEqual": "4.26", "status": "affected", "version": "4.02", "versionType": "custom"}, {"status": "affected", "version": "3.30"}]}, {"defaultStatus": "unaffected", "product": "AclaraONE Utility Portal", "vendor": "Parsons", "versions": [{"lessThan": "1.22", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Joshua Dillon reported this vulnerability to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one.</span>"}], "value": "A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-06-25T16:23:54.248Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-06"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Parsons Utility Enterprise Data Management Users - This vulnerability has been patched in all instances managed by Parsons as of January 7, 2025. No end-user action is required.</div><div><br></div><div>AclaraONE Hosted Users \u2013 This vulnerability has been patched in all instances managed by Aclara as of February 7, 2025. No end-user action is required.</div><div><br></div>AclaraONE On Premise Users - End-user action is required. A patch and mitigation information for AclaraONE is available through the Aclara Connect Customer Portal. If you prefer assistance, Aclara Support would be happy to help. Users may request an appointment to apply the patch update by opening a ticket on the Aclara Connect Customer Portal, or by contacting us by phone or email. Requests will be processed in the order received.<br>\n\n<br>"}], "value": "Parsons Utility Enterprise Data Management Users - This vulnerability has been patched in all instances managed by Parsons as of January 7, 2025. No end-user action is required.\n\n\n\n\nAclaraONE Hosted Users \u2013 This vulnerability has been patched in all instances managed by Aclara as of February 7, 2025. No end-user action is required.\n\n\n\n\nAclaraONE On Premise Users - End-user action is required. A patch and mitigation information for AclaraONE is available through the Aclara Connect Customer Portal. If you prefer assistance, Aclara Support would be happy to help. Users may request an appointment to apply the patch update by opening a ticket on the Aclara Connect Customer Portal, or by contacting us by phone or email. Requests will be processed in the order received."}], "source": {"advisory": "ICSA-25-175-06", "discovery": "EXTERNAL"}, "title": "Parsons AccuWeather Widget Cross-site Scripting", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-25T20:09:51.085948Z", "id": "CVE-2025-5015", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T20:09:56.654Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5015", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-25T20:09:51.085948Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-25T20:08:10.680Z"}}], "cna": {"title": "Parsons AccuWeather Widget Cross-site Scripting", "source": {"advisory": "ICSA-25-175-06", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Joshua Dillon reported this vulnerability to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Parsons", "product": "Parsons Utility Enterprise Data Management", "versions": [{"status": "affected", "version": "5.18"}, {"status": "affected", "version": "5.03"}, {"status": "affected", "version": "4.02", "versionType": "custom", "lessThanOrEqual": "4.26"}, {"status": "affected", "version": "3.30"}], "defaultStatus": "unaffected"}, {"vendor": "Parsons", "product": "AclaraONE Utility Portal", "versions": [{"status": "affected", "version": "0", "lessThan": "1.22", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Parsons Utility Enterprise Data Management Users - This vulnerability has been patched in all instances managed by Parsons as of January 7, 2025. No end-user action is required.\n\n\n\n\nAclaraONE Hosted Users \u2013 This vulnerability has been patched in all instances managed by Aclara as of February 7, 2025. No end-user action is required.\n\n\n\n\nAclaraONE On Premise Users - End-user action is required. A patch and mitigation information for AclaraONE is available through the Aclara Connect Customer Portal. If you prefer assistance, Aclara Support would be happy to help. Users may request an appointment to apply the patch update by opening a ticket on the Aclara Connect Customer Portal, or by contacting us by phone or email. Requests will be processed in the order received.", "supportingMedia": [{"type": "text/html", "value": "<div>Parsons Utility Enterprise Data Management Users - This vulnerability has been patched in all instances managed by Parsons as of January 7, 2025. No end-user action is required.</div><div><br></div><div>AclaraONE Hosted Users \u2013 This vulnerability has been patched in all instances managed by Aclara as of February 7, 2025. No end-user action is required.</div><div><br></div>AclaraONE On Premise Users - End-user action is required. A patch and mitigation information for AclaraONE is available through the Aclara Connect Customer Portal. If you prefer assistance, Aclara Support would be happy to help. Users may request an appointment to apply the patch update by opening a ticket on the Aclara Connect Customer Portal, or by contacting us by phone or email. Requests will be processed in the order received.<br>\n\n<br>", "base64": false}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-06"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-06-25T16:23:54.248Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5015", "state": "PUBLISHED", "dateUpdated": "2025-06-25T20:09:56.654Z", "dateReserved": "2025-05-20T17:51:22.600Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2025-06-25T16:23:54.248Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one."}, {"lang": "es", "value": "Existe una vulnerabilidad de cross site scripting en el widget AccuWeather y Custom RSS que permite que un usuario no autenticado reemplace la URL de la fuente RSS por una maliciosa."}], "id": "CVE-2025-5015", "lastModified": "2025-06-26T18:57:43.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2025-06-25T17:15:39.970", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-06"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}