CVE-2025-25296
Published: 14 February 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-25296 is a cross-site scripting (XSS) vulnerability, classified under CWE-79, affecting Label Studio, an open source data labeling tool, in versions prior to 1.16.0. The flaw exists in the `/projects/upload-example` endpoint, which permits injection of arbitrary HTML via a GET request using a specially crafted `label_config` query parameter. Attackers can supply a maliciously formatted XML label config with inline task data containing HTML/JavaScript, which the endpoint renders without proper sanitization.
The vulnerability enables exploitation over the network with low complexity and no privileges required, though it depends on user interaction, earning a CVSS v3.1 base score of 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). An attacker crafts a malicious URL targeting the endpoint and tricks victims into visiting it, leading to arbitrary JavaScript execution in their browsers within the Label Studio context. Although a Content Security Policy is present, its report-only mode renders it ineffective against script execution. Successful attacks can result in theft of sensitive data, session hijacking, or other client-side malicious actions.
Label Studio version 1.16.0 includes a patch addressing the issue. For mitigation details, refer to the GitHub security advisory at https://github.com/HumanSignal/label-studio/security/advisories/GHSA-wpq5-3366-mqw4 and the patching commit at https://github.com/HumanSignal/label-studio/commit/8cf6958e1e27ef6a03ed287e674470975d340885.
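As an added illustration (not code from the advisory or from the Label Studio project), the following log-triage script flags requests to the `/projects/upload-example` endpoint whose `label_config` parameter carries active HTML rather than plain label XML. The access-log lines are constructed, and the markers it searches for are a heuristic starting point for a detection rule, not a complete filter.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (common log format); not real Label Studio traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [14/Feb/2025:10:00:01 +0000] "GET /projects/upload-example/?label_config=%3CView%3E%3CText%20name%3D%22t%22%20value%3D%22%24text%22/%3E%3C/View%3E HTTP/1.1" 200 1234
10.0.0.7 - - [14/Feb/2025:10:00:02 +0000] "GET /projects/upload-example/?label_config=%3CView%3E%3CText%20name%3D%22t%22%20value%3D%22%3Cscript%3Eprobe()%3C/script%3E%22/%3E%3C/View%3E HTTP/1.1" 200 1234
10.0.0.9 - - [14/Feb/2025:10:00:03 +0000] "GET /projects/ HTTP/1.1" 200 5678
"""

LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
ENDPOINT = "/projects/upload-example"
# Heuristic markers of active content embedded in the XML label config:
# script tags, inline event-handler attributes, javascript: URLs.
SUSPICIOUS = re.compile(r"<\s*script\b|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)


def decode_param(value, rounds=2):
    """Undo repeated percent-encoding (parse_qs already decodes once)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_label_config(target):
    """Return the first suspicious marker found in label_config, or None."""
    url = urlsplit(target)
    # Allow a deployment path prefix in front of the endpoint.
    if not url.path.rstrip("/").endswith(ENDPOINT):
        return None
    for raw in parse_qs(url.query, keep_blank_values=True).get("label_config", []):
        match = SUSPICIOUS.search(decode_param(raw))
        if match:
            return match.group(0)
    return None


def scan_log(text):
    """Return (line number, method, marker) for each flagged request."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        req = LOG_RE.search(line)
        if req:
            marker = suspicious_label_config(req.group("target"))
            if marker:
                hits.append((lineno, req.group("method"), marker))
    return hits


if __name__ == "__main__":
    for lineno, method, marker in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {method} request to {ENDPOINT} with marker {marker!r}")
```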
Details
- CWE(s): CWE-79 (cross-site scripting)
- Affected Products: Label Studio, versions prior to 1.16.0
- MITRE ATT&CK Enterprise Techniques: Exploit Public-Facing Application
Why these techniques?
The reflected XSS vulnerability in the public-facing Label Studio web application (`/projects/upload-example` endpoint) directly enables exploitation of a public-facing application via crafted GET requests with malicious `label_config` parameters, leading to arbitrary JavaScript execution in the victim's browser.