CVE-2025-23026: jte's HTML templates containing Javascript template strings are subject to XSS
CVSS Score: 6.1 (CVSS v3.1)
Basic Information
CVE ID: CVE-2025-23026
GHSA ID:
EPSS Score: 0.1239%
CWE:
Published: 1/13/2025
Updated: 1/13/2025
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| gg.jte:jte | maven | <= 3.1.15 | 3.1.16 |
| gg.jte:jte-runtime | maven | <= 3.1.15 | 3.1.16 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from two methods in the Escape class that handle JavaScript contexts. The commit diff shows these methods did not escape backticks (the delimiter of JS template literals) or dollar signs (which start `${...}` interpolation inside a template literal), so a value rendered into a template string could terminate the string or trigger interpolation. This matches the CWE-79/CWE-150 descriptions and the PoC demonstrating XSS via unescaped template strings. The high confidence comes from direct references in the vulnerability details, commit patches adding the specific escaping logic, and test cases validating these fixes.
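The following is an added illustration of the escaping gap described above; it is not jte's Escape class, and `JsStringEscaper`, its method names and the sample value are hypothetical. It contrasts an escaper that stops at quotes and control characters with one that also escapes the backtick and `$`, and checks whether the result can still break out of a template literal.

```java
/** Hypothetical escaper for values written into JavaScript string contexts; not jte's Escape class. */
public final class JsStringEscaper {

    /**
     * Escapes a value for a JS string literal. With escapeTemplateChars=false it mirrors the
     * pre-fix behaviour the advisory describes: backtick and '$' pass through unchanged.
     */
    public static String escape(String value, boolean escapeTemplateChars) {
        StringBuilder sb = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\': sb.append("\\\\"); break;
                case '"':  sb.append("\\\""); break;
                case '\'': sb.append("\\'");  break;
                case '\n': sb.append("\\n");  break;
                case '\r': sb.append("\\r");  break;
                case '`':  sb.append(escapeTemplateChars ? "\\`" : "`"); break; // raw backtick closes a template literal
                case '$':  sb.append(escapeTemplateChars ? "\\$" : "$"); break; // raw "${" starts interpolation
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** True when the escaped text contains no raw backtick and no raw "${", i.e. it stays inside `...`. */
    public static boolean safeInTemplateLiteral(String escaped) {
        for (int i = 0; i < escaped.length(); i++) {
            char c = escaped.charAt(i);
            if (c == '\\') { i++; continue; }          // whatever follows a backslash is already escaped
            if (c == '`') return false;
            if (c == '$' && i + 1 < escaped.length() && escaped.charAt(i + 1) == '{') return false;
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample value containing both characters the fix added escaping for.
        String untrusted = "a`b${c}";
        String before = escape(untrusted, false);
        String after  = escape(untrusted, true);
        System.out.println("before fix: `" + before + "` safe=" + safeInTemplateLiteral(before));
        System.out.println("after fix:  `" + after  + "` safe=" + safeInTemplateLiteral(after));
    }
}
```

Defenders can apply the same `safeInTemplateLiteral` style check to their own escaper output as a regression test for the backtick and `${` cases.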