{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2274", "assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "state": "PUBLISHED", "assignerShortName": "forcepoint", "dateReserved": "2025-03-13T07:59:18.904Z", "datePublished": "2026-03-16T14:46:50.015Z", "dateUpdated": "2026-03-16T18:36:51.535Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "shortName": "forcepoint", "dateUpdated": "2026-03-16T14:46:50.015Z"}, "title": "Stored Cross Site Scripting in Forcepoint Web Security", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "affected": [{"vendor": "Forcepoint", "product": "Web Security (On-Prem)", "platforms": ["Windows"], "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "8.5.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.<p>This issue affects Web Security through 8.5.6.</p>"}]}], "references": [{"url": "https://support.forcepoint.com/s/article/Security-Advisory-Stored-Cross-Site-Scripting-in-Forcepoint-Web-Security"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"}}], "solutions": [{"lang": "en", "value": "Fixed in 8.5.7", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Fixed in 8.5.7"}]}], "credits": [{"lang": "en", "value": "Majchrowicz, Zdunek and Marcin Wyczechowski from AFINE Team.", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T18:36:41.987362Z", "id": "CVE-2025-2274", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T18:36:51.535Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2274", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T18:36:41.987362Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T18:36:47.373Z"}}], "cna": {"title": "Stored Cross Site Scripting in Forcepoint Web Security", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Majchrowicz, Zdunek and Marcin Wyczechowski from AFINE Team."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.8, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Forcepoint", "product": "Web Security (On-Prem)", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.5.6"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Fixed in 8.5.7", "supportingMedia": [{"type": "text/html", "value": "Fixed in 8.5.7", "base64": false}]}], "references": [{"url": "https://support.forcepoint.com/s/article/Security-Advisory-Stored-Cross-Site-Scripting-in-Forcepoint-Web-Security"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.<p>This issue affects Web Security through 8.5.6.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "shortName": "forcepoint", "dateUpdated": "2026-03-16T14:46:50.015Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2274", "state": "PUBLISHED", "dateUpdated": "2026-03-16T18:36:51.535Z", "dateReserved": "2025-03-13T07:59:18.904Z", "assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "datePublished": "2026-03-16T14:46:50.015Z", "assignerShortName": "forcepoint"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6."}], "id": "CVE-2025-2274", "lastModified": "2026-03-17T14:20:01.670", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@forcepoint.com", "type": "Secondary"}]}, "published": "2026-03-16T15:16:17.697", "references": [{"source": "psirt@forcepoint.com", "url": "https://support.forcepoint.com/s/article/Security-Advisory-Stored-Cross-Site-Scripting-in-Forcepoint-Web-Security"}], "sourceIdentifier": "psirt@forcepoint.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "psirt@forcepoint.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows"], "status": "affected", "versions": {"scheme": "semver", "value": "[0,8.5.6]"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 84.0, "source": "matching"}]}, "original": {"product": "Web Security (On-Prem)", "source": "cna", "vendor": "Forcepoint"}, "product": "web_security", "vendor": "forcepoint"}], "analysis": {"en": {"generated_at": "2026-03-17T11:21:08.261631+00:00", "value": {"mitigation_remediation": ["Upgrade Forcepoint Web Security to version 8.5.7 or later to receive the fix.", "Verify that the upgrade is successful and test that the web management console no longer allows the injection of arbitrary script content.", "If upgrading is not immediately possible, monitor the system for suspicious input and consider disabling any feature that allows user\u2011supplied content from being stored and displayed."], "summary": {"action": "Patch Now", "impact": "Stored XSS"}, "threat_synthesis": {"affected_systems": "Forcepoint Web Security (On\u2011Prem) on Windows is affected for all versions up to and including 8.5.6. The vendor explicitly states that the issue does not exist in version 8.5.7 or newer.", "description_and_impact": "The vulnerability is an Improper Neutralization of Input During Web Page Generation that results in Stored Cross\u2011Site Scripting (CWE\u201179). It allows an attacker to inject malicious script content that is stored and later presented to users in the web interface, potentially causing the script to execute in the browsers of users who view the affected page. The resulting impact includes the possibility of session hijacking, data theft, or defacement of the web interface, depending on the privileges of the user accessing the malicious content.", "risk_and_exploitability": "The CVSS score of 4.8 indicates moderate severity; no EPSS score is available and the vulnerability is not listed in CISA\u2019s KEV catalog, suggesting no publicly known exploitation in the wild. Based on the description, the likely attack vector is through a web interface that accepts user\u2011supplied data and stores it pending rendering, implying that an attacker would need either authenticated access to the management console or an ability to submit content that is later served to users. The exploit would work only if the vulnerable stored content is displayed to a victim\u2019s browser."}}}}, "created": "2026-03-17T09:52:45.699402+00:00", "updated": "2026-03-24T10:44:19.955914+00:00", "vendors": ["forcepoint", "forcepoint$PRODUCT$web_security"]}