BugCrowd Bug Bounty Disclosure: P3 – CVE-2025-4388 Reflected XSS in marketplace-app-manager-web. – Renatto

CVE-2025-4388 Reflected XSS in marketplace-app-manager-web.

Researcher: Renatto
Engagement: National Aeronautics and Space Administration (NASA) – Vulnerability Disclosure Program
Disclosed at: 2025-07-17T13:40:06Z
Priority: P3
Status: Resolved

Summary

NASA Marshall Space Flight Center (MSFC) Directives Master List (DML) (dml.msfc.nasa.gov) is vulnerable to a reflected cross-site scripting (XSS) vulnerability in Liferay Portal and Liferay DXP, which allows a remote unauthenticated attacker to inject JavaScript into the modules/apps/marketplace/marketplace-app-manager-web module.

When an attacker can control code that is executed within a user’s browser, they are able to carry out any actions that the user is able to perform, including accessing any of the user’s data and modifying information within the user’s permissions. This can result in modification, deletion, or theft of data, including accessing or deleting files, or stealing session cookies which an attacker could use to hijack a user’s session.

Proof of Concept (PoC)

Activity Feed

Actor              Details                          Timestamp (UTC)
Brandon            sent a message                   2025-07-21T17:36:25Z
Martin_NASA        published                        2025-07-17T13:40:06Z
Renatto            requested                        2025-07-16T15:09:09Z
Renatto            sent a message                   2025-07-16T14:56:51Z
Parker_Bugcrowd    changed the state to resolved    2025-07-16T14:48:52Z
Martin_NASA        changed the state to unresolved  2025-07-03T19:52:24Z
Mason357_Bugcrowd  sent a message                   2025-07-03T17:07:26Z
Mason357_Bugcrowd  changed the state to triaged     2025-07-03T17:07:19Z
Mason357_Bugcrowd  changed the severity to          2025-07-03T17:07:18Z
Renatto            created the submission           2025-07-03T04:00:52Z
