CVE-2025-63848

MEDIUM

SWISH < 2.2.0 - Stored Cross-Site Scripting via Web IDE Notebook

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-63848. PoCs published by coderMohammed1.

AI-analyzed exploit summary: This repository contains a writeup describing a stored XSS vulnerability in SWISH Prolog through version 2.2.0, allowing attackers to execute arbitrary code via crafted web IDE notebooks, leading to potential account takeover.

Description

Stored cross-site scripting (XSS) vulnerability in SWISH Prolog through 2.2.0, allowing attackers to execute arbitrary code via a crafted web IDE notebook.

Exploits (1)

nomisec WRITEUP
by coderMohammed1 · poc
https://github.com/coderMohammed1/CVE-2025-63848

Classification: Writeup 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Theoretical
Target: SWISH Prolog <= 2.2.0
No auth needed
Prerequisites: Access to the SWISH Prolog web IDE
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 6.1
EPSS 0.0016
EPSS Percentile 5.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE CWE-79
Status published
Products (1)
swi-prolog/swish < 2.2.0
Published Nov 20, 2025
Tracked Since Feb 18, 2026