Logo Cloud CVE-2025-0609
MEDIUMSeverity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Logo Software Inc. Logo Cloud allows Cross-Site Scripting (XSS).
This issue affects Logo Cloud: before 1.18.
AnalysisAI
Stored or persistent cross-site scripting in Logo Cloud versions before 1.18 allows a high-privileged authenticated attacker to inject malicious scripts into web pages served by the application. Successful exploitation can result in limited confidentiality, integrity, and availability impact within the application's scope. No public exploit code exists and EPSS sits at the 14th percentile (0.04%), indicating this is not actively targeted in the wild at time of analysis.
Technical ContextAI
Logo Cloud is a web-based cloud application developed by Logo Software Inc., a Turkish software vendor. The vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation), the canonical root cause for cross-site scripting flaws, occurring when user-supplied input is rendered in HTML output without adequate encoding or sanitization. The CVSS vector AV:N/AC:L/PR:H/UI:N/S:U indicates the flaw is reachable over the network, requires no complex attack conditions, but demands high-level privileges to introduce the malicious payload. The UI:N component suggests that once the payload is injected by the privileged attacker, subsequent victims are affected without needing to perform any additional interaction beyond normal application use - consistent with a stored XSS pattern. Scope is unchanged (S:U), meaning the exploit is contained within the application's security boundary and does not cascade to other systems.
Affected ProductsAI
Logo Cloud by Logo Software Inc. is affected in all versions prior to 1.18. No CPE string was provided in the NVD data, so affected version boundaries are derived solely from the NVD description and the Turkish USOM advisory TR-25-0318 published at https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0318 and https://www.usom.gov.tr/bildirim/tr-25-0318. Version 1.18 and later are indicated as the remediated baseline; earlier versions should be considered vulnerable.
RemediationAI
The primary remediation is to upgrade Logo Cloud to version 1.18 or later, which addresses this XSS vulnerability per the vendor advisory referenced in USOM notification TR-25-0318 (https://www.usom.gov.tr/bildirim/tr-25-0318). If an immediate upgrade is not feasible, compensating controls should focus on restricting which accounts hold high-level privileges within Logo Cloud, thereby reducing the attacker pool to the minimum necessary administrators. Organizations should audit administrator account assignments and enforce multi-factor authentication on all privileged accounts to reduce the likelihood of credential compromise that could be leveraged to exploit this flaw. Content Security Policy (CSP) headers, if configurable at the deployment layer, can limit the impact of stored XSS by restricting script execution origins, though this does not eliminate the underlying vulnerability. No specific workarounds for disabling the affected input field were identified in available references.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today