CVE-2025-62780 Scanner

ChangeDetection.io is an open-source web-based application that allows users to track changes on web pages. It is often used by marketers, developers, and individuals who want to stay updated on specific website changes without manually checking them. The platform is user-friendly, supporting the addition of multiple sites and alerting users via email when changes are detected. Its flexibility and customization options make ChangeDetection.io a popular choice for monitoring web page changes securely and efficiently. The application is particularly useful in environments where timely notification of web changes can provide a competitive advantage.

The vulnerability detected in ChangeDetection.io is a stored Cross-Site Scripting (XSS) issue. This type of vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. In this case, the XSS vulnerability is present in the Watch API, which does not adequately sanitize input. Consequently, an attacker can exploit this flaw to execute arbitrary JavaScript code. The exploit requires user interaction, leading to potential data theft or unwanted actions performed in the user's browser. Mitigation involves ensuring the platform is updated to secure versions where input validation is appropriately implemented.

Technical details reveal that the vulnerability arises from insufficient security checks in the Watch update API. The vulnerable endpoint is '/api/v1/watch/{{watch_uuid}}' where attackers can manipulate user input to include a malicious script. The parameter in question is the 'url' parameter, which should ideally be validated more stringently to prevent harmful scripts from being embedded. The vulnerability exploits a lack of input sanitization, allowing injected JavaScript to run when a user previews links within the application. The endpoint accepts JavaScript URLs due to the incomplete implementation of input validation techniques.

When this vulnerability is exploited, malicious users can potentially perform several harmful actions. These include stealing cookies, session tokens, or other sensitive information stored in the browser. Further, attackers may also perform actions on behalf of authenticated users, such as changing account settings or accessing user data. The stored XSS attack can lead to a compromised user experience and could be used as a stepping-stone to infiltrate more critical systems within an organization's network.

REFERENCES

• https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4c3j-3h7v-22q9
• https://nvd.nist.gov/vuln/detail/CVE-2025-62780