CVE-2025-25018

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-25018
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-25018.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-25018
Aliases
Published
2025-10-10T10:15:33.743Z
Modified
2025-12-09T17:06:09.471409Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)

References

Affected packages

Git / github.com/elastic/elasticsearch

Affected ranges

Type
GIT
Repo
https://github.com/elastic/elasticsearch
Events
Introduced
b7e28a7232616c7a21bc879a535d801b8553ba77
Fixed
c1310008a98b8bb63c9fc08e763de1d065b943ce

Database specific

vanir_signatures

[
    {
        "digest": {
            "function_hash": "249765765527764254961865193665008504870",
            "length": 322.0
        },
        "deprecated": false,
        "target": {
            "function": "testOldIndexSemanticTextSparseVersionRaisesError",
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-06bcb486",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "function_hash": "216429141669878661452070393933949020156",
            "length": 368.0
        },
        "deprecated": false,
        "target": {
            "function": "validateParserContext",
            "file": "x-pack/plugin/inference/src/main/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapper.java"
        },
        "id": "CVE-2025-25018-127380f2",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "46778459678719198788863574446553221226",
                "227526389465720929596430553628975697304",
                "150049059937223994787476705790433732044",
                "328635304086144337324979246151558935664",
                "238267326037809942089416424725201504926",
                "239127309757472193571684981147742201173",
                "173339703316009130346461748428871974340",
                "320082339657603852603623259741426538034",
                "57118101550255153288139441993827008978",
                "268077932521070584832017352121249000075",
                "102348567805617495592268951805669974975",
                "11265192835822603210162801661360872060",
                "201173388829126597956002296588814084345",
                "337421580536504805651941451209477653214",
                "268075823910593805973861160404908247282",
                "9015906786740215991199765650853684422",
                "266988922029788668281231447512727939898",
                "172758342448755661431055717457301901038",
                "297612526677102816987940982488909026806",
                "210768804027509774644592109719262626729",
                "298123093271431276257578624524763682529",
                "80694905765248191373232040858301348148",
                "51188739959210038594042089674024249861",
                "187947718986999890631599988869822772770",
                "207105469192108996997706200474270770510",
                "151354268564102146974990964996402402639",
                "127423006876670033087290001592727022679",
                "275612146089253582203363595104868195677",
                "51748493963961357519758086343479074559",
                "200549291164040151494825744531332418306",
                "239196964213531434344185265450366252390",
                "329626261930251612650005244598332413438",
                "120105507997745074262955751379832286552",
                "34493630395322261406715696382503445314",
                "16871879890049855732250965867318795550",
                "114692002306916862615727736492928276000",
                "215412353412547025196509663532932782715",
                "335174381897296512391143356609878691466",
                "290996714066872469541389277716815248935",
                "333508862785924981954910392220880037432",
                "277647464754561137415646796304470856322"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "x-pack/plugin/inference/src/main/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapper.java"
        },
        "id": "CVE-2025-25018-19dbbb3d",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "282459297521231248024296681023376889457",
            "length": 1043.0
        },
        "deprecated": false,
        "target": {
            "function": "indexMapping",
            "file": "server/src/test/java/org/elasticsearch/index/mapper/vectors/DenseVectorFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-28ff1259",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "262236121079915436119142065679252180905",
                "137777506514668796492329693710738707556",
                "57564652145248143655886175705483546543",
                "114140632291519758601195886058306622434",
                "206061497615943989835368704148231563482",
                "123974211637094905911105515844484307346",
                "202035863791723906355035462524171464328",
                "263579734941057405031723276015520724794"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "server/src/test/java/org/elasticsearch/index/mapper/vectors/DenseVectorFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-4975358e",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "151581543923528670693525823811555113136",
            "length": 1017.0
        },
        "deprecated": false,
        "target": {
            "function": "createEmbeddingsField",
            "file": "x-pack/plugin/inference/src/main/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapper.java"
        },
        "id": "CVE-2025-25018-5412173f",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "function_hash": "255075628869125026499779058897594092053",
            "length": 474.0
        },
        "deprecated": false,
        "target": {
            "function": "testOldIndexSemanticTextDenseVectorRaisesError",
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-5ad383b0",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "158605217801375928217441734668045540378",
                "272643381640331013499760342031064134020",
                "53985671753460806937762457046134928512",
                "197421975884843474782424751932224498632",
                "147776267001273472201702975582528497363",
                "655409951843218362925480034532671518",
                "17637815016842550146136423455960159478",
                "74236008148083372658918307439668483975",
                "322466091450047313375256476185595762444",
                "19774709324117963877378806154921988126",
                "111332465234007377841077556799200761214",
                "318852455395922762541962253784569936542",
                "103714126231198070777385075505723872779",
                "225055423574406139145017039407710500808",
                "176602979872018362860366352636239272391",
                "331685485893499033920803751727008752008",
                "69845433180568037910725362514896432747",
                "288232291348711926876643238346416986777",
                "68055421170270233796912105902769502524",
                "94739273273727563438676562800551104982",
                "84737812370821697998231739337299621986",
                "115294157346707483202906366071384113569",
                "57212282134168748289652182660041201662",
                "254952007036070415382532317368308133681",
                "263203763916969629460590396437502289108",
                "22319423814347326997056951711072005097",
                "23504183291184894397124342894633566955",
                "218290195268039007322983453577677478937",
                "104397057306458966946420455493521049587",
                "108549254030958920501876829102082088797",
                "103602840545713796434731913178477290736",
                "288232291348711926876643238346416986777",
                "304973740810181194951592487929339496300",
                "130999337670170096176664372274476384929",
                "35867540676817589760895459391085052904",
                "207502979453752030282883390595778036424",
                "201606209583253241599127378006426619079",
                "196859472990790294633289504047629811096",
                "217941806944909312076984301808225946554",
                "262692938943554161674911701383004754029",
                "122608929037810719115677381049195131198",
                "266704451184192508078195140547635007709",
                "42779409025487380885093343877669921094",
                "113544207510783995041866812883656149640",
                "300270315494799500913741421782448457144",
                "186309500865517495853234544968794613882",
                "275404729970474416383790431094378410325",
                "52682000639465385863593790108573768318",
                "108301057757930837241470507337700244957",
                "8869584976956833588688363116094065733",
                "320322203024487798382973062775163554140"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-64cf6848",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "304099916769792469380869096030645339333",
            "length": 65.0
        },
        "deprecated": false,
        "target": {
            "function": "boostNotAllowedIndexVersion",
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-69fd1bb4",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "function_hash": "185620469528429678572919397230684044211",
            "length": 494.0
        },
        "deprecated": false,
        "target": {
            "function": "parseSemanticTextField",
            "file": "x-pack/plugin/inference/src/main/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapper.java"
        },
        "id": "CVE-2025-25018-76e75111",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "function_hash": "331323253558194736856864026167107843654",
            "length": 126.0
        },
        "deprecated": false,
        "target": {
            "function": "testOldIndexSemanticTextMinimalMappingRaisesError",
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-77569fab",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    },
    {
        "digest": {
            "function_hash": "192095868591587962532804350088891814436",
            "length": 331.0
        },
        "deprecated": false,
        "target": {
            "function": "assertOldIndexUnsupported",
            "file": "x-pack/plugin/inference/src/test/java/org/elasticsearch/xpack/inference/mapper/SemanticTextFieldMapperTests.java"
        },
        "id": "CVE-2025-25018-bac55aa9",
        "signature_version": "v1",
        "source": "https://github.com/elastic/elasticsearch/commit/c1310008a98b8bb63c9fc08e763de1d065b943ce",
        "signature_type": "Function"
    }
]

Git / github.com/elastic/kibana

Affected ranges

Type
GIT
Repo
https://github.com/elastic/kibana
Events
Introduced
ee89fda8a17eff9c93f7400c102edf76cb4d7d8a
Fixed
08ece643671f3ee61a7297b3e67aa99e79a1aef7