CVE-2025-58353 HIGH

CVE-2025-58353: Promptcraft Forge Studio: Complete Sanitizer Bypass Enables XSS via Overlapping Patterns

Vendor Marcelotessaro

Product promptcraft-forge-studio

Weakness CWE-79 · XSS

Published September 4, 2025

Last update September 4, 2025

View on NVD All CVEs

CVSS base score

8.2/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

What the vulnerability does

01Description

Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions of Promptcraft Forge Studio sanitize user input using regex blacklists such as r`eplace(/javascript:/gi, '')`. Because the package uses multi-character tokens and each replacement is applied only once, removing one occurrence can create a new dangerous token due to overlap. The “sanitized” value may still contain an executable payload when used in href/src (or injected into the DOM). There is currently no fix for this issue.

Key dates

02Disclosure timeline

September 4, 2025 CVE published

September 4, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-58353 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

CVE-2025-58353: Promptcraft Forge Studio: Complete Sanitizer Bypass Enables XSS via Overlapping Patterns

01Description

02Disclosure timeline

03References

04Related CVE