CVE-2025-55888

HIGH

ARD GEC En Ligne - Ajax accountName Cross-Site Scripting

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-55888. PoCs published by 0xZeroSec.

AI-analyzed exploit summary This repository describes a Cross-Site Scripting (XSS) vulnerability in the Ajax transaction manager endpoint of ARD, where the accountName field is not properly sanitized. The PoC includes screenshots but no executable code.

Description

Cross-Site Scripting (XSS) vulnerability was discovered in the Ajax transaction manager endpoint of ARD. An attacker can intercept the Ajax response and inject malicious JavaScript into the accountName field. This input is not properly sanitized or encoded when rendered, allowing script execution in the context of users browsers. This flaw could lead to session hijacking, cookie theft, and other malicious actions.

Exploits (1)

nomisec WRITEUP 4 stars
by 0xZeroSec · poc
https://github.com/0xZeroSec/CVE-2025-55888

This repository describes a Cross-Site Scripting (XSS) vulnerability in the Ajax transaction manager endpoint of ARD, where the accountName field is not properly sanitized. The PoC includes screenshots but no executable code.

Classification
Writeup 80%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: ARD (version not specified)
No auth needed
Prerequisites: Access to the Ajax transaction manager endpoint · Ability to intercept/modify Ajax responses
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 7.3
EPSS 0.0051
EPSS Percentile 39.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
ard/gec_en_ligne
Published Sep 22, 2025
Tracked Since Feb 18, 2026