Cross Site Scripting Vulnerability in Bitwarden PDF File Handler
CVE-2025-5138

5.1 MEDIUM

Key Information:

Vendor

Bitwarden

Status
Vendor
CVE Published:
25 May 2025

Badges

📈 Score: 1,070 · 👾 Exploit Exists · 🟡 Public PoC · 📰 News Worthy

What is CVE-2025-5138?

CVE-2025-5138 is a security vulnerability in Bitwarden, an open-source password manager used to store and manage secrets such as passwords, credit card details, and secure notes. The flaw is in the PDF File Handler component and affects versions up to 2.25.1: an attacker who can upload a crafted PDF file can use it to deliver cross-site scripting (XSS), so that script chosen by the attacker runs in the browser session of a user who views the file. Script running in that context can read and change whatever the victim's session can reach in the application.

If exploited, the vulnerability lets an attacker run script as a legitimate user, which could lead to data exfiltration, session hijacking, and other actions that undermine the integrity of stored credentials and user trust. Note that the CVSS v4 vector assigned to this entry (see below) rates confidentiality impact as None and integrity impact as Low, so the scenarios listed under Potential impact describe the worst case for a stored XSS in a password manager rather than what the assigned score reflects.

Potential impact of CVE-2025-5138

  1. Data Breaches: In the worst case, script running in a victim's vault session could read sensitive information the session can access, including passwords and personal details stored in Bitwarden, enabling identity theft and unauthorized access to other services.

  2. Session Hijacking: XSS can be used to act with the victim's session or to steal session material, letting the attacker impersonate the user, reach their account and associated data, and take further malicious actions.

  3. Reputation Damage: Organizations using Bitwarden could suffer reputation loss if users' data were compromised through this vulnerability, reducing customer trust and potentially leading to financial losses from reduced user engagement or legal exposure.
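The entry above describes the attack only at the level of "a malicious uploaded PDF leads to XSS". As an added example (not Bitwarden's code, and not the code the page's sources describe), the Node.js snippet below shows the two controls an upload pipeline for user-supplied PDFs would normally combine: a server-side heuristic that flags PDFs carrying script-driven actions, and the HTTP response headers that stop a stored attachment from being rendered inline in the application's own origin. The headers assume an application that serves the file over HTTP; this page does not describe how Bitwarden itself stores or displays attachments. The PDF name list, the sample documents, and the function names are all constructed for the example.

```javascript
// Added example, not Bitwarden's code. Node.js; Buffer is a Node global.

// PDF name objects that introduce script or automatic actions. /JavaScript
// and /JS carry the script; /OpenAction and /AA (additional actions) fire it
// without a click; /Launch and /SubmitForm are other action types worth
// flagging in untrusted uploads. The list is an assumption for the example.
const RISKY_PDF_NAMES = ['/JavaScript', '/JS', '/OpenAction', '/AA', '/Launch', '/SubmitForm'];

// Scan raw PDF bytes for the names above. PDF syntax is ASCII, so decoding as
// latin1 maps each byte to one character and never throws on binary streams.
function scanPdfForActiveContent(bytes) {
  const text = Buffer.from(bytes).toString('latin1');
  const findings = [];
  for (const name of RISKY_PDF_NAMES) {
    // A PDF name ends at a delimiter or whitespace; the negative lookahead
    // keeps '/JS' from matching '/JSFoo' and '/AA' from matching '/AAxyz'.
    // Hex-escaped names such as /J#53 would evade a literal match, which is
    // one reason this scan is a gate, not a parser.
    const re = new RegExp(name + '(?![A-Za-z0-9_#])', 'g');
    const count = (text.match(re) || []).length;
    if (count > 0) findings.push(`${name} x${count}`);
  }
  // Objects packed into object streams (/ObjStm) are normally Flate-compressed,
  // so the tokens above would not appear in plain text. Report such files as
  // opaque instead of clean; a real gate would decompress them first.
  const opaque = /\/ObjStm(?![A-Za-z0-9_#])/.test(text);
  return {
    validHeader: text.startsWith('%PDF-'),
    hasActiveContent: findings.length > 0,
    opaque,
    findings,
  };
}

// Headers for serving a stored attachment: force a download, pin the type,
// stop MIME sniffing, and send a sandboxed CSP so that even if a browser did
// render the bytes they would run in an opaque origin with no script.
function attachmentResponseHeaders(filename) {
  // RFC 6266 / RFC 8187 style: ASCII fallback plus UTF-8 filename*, with
  // CR, LF, quotes and backslashes replaced so a crafted name cannot inject
  // extra header lines or break out of the quoted string.
  const ascii = filename.replace(/[^\x20-\x7e]/g, '_').replace(/["\\]/g, '_');
  const encoded = encodeURIComponent(filename);
  return {
    'Content-Type': 'application/pdf',
    'Content-Disposition': `attachment; filename="${ascii}"; filename*=UTF-8''${encoded}`,
    'X-Content-Type-Options': 'nosniff',
    'Content-Security-Policy': "default-src 'none'; sandbox",
    'Cache-Control': 'no-store',
  };
}

// Constructed sample inputs for the demo (not real exploit files). The first
// declares an /OpenAction whose JavaScript runs when the document is opened;
// the second is an empty but well-formed document.
const MALICIOUS_PDF = Buffer.from(
  '%PDF-1.4\n' +
  '1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj\n' +
  '2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n' +
  '3 0 obj << /S /JavaScript /JS (app.alert(1);) >> endobj\n' +
  'trailer << /Root 1 0 R >>\n%%EOF\n',
  'latin1');

const BENIGN_PDF = Buffer.from(
  '%PDF-1.4\n' +
  '1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n' +
  '2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n' +
  'trailer << /Root 1 0 R >>\n%%EOF\n',
  'latin1');

console.log(scanPdfForActiveContent(MALICIOUS_PDF));
console.log(scanPdfForActiveContent(BENIGN_PDF));
console.log(attachmentResponseHeaders('statement\r\nSet-Cookie: x=1.pdf'));
```

The scan rejects the obvious cases and refuses to call compressed object streams clean, but it is a heuristic: PDF names can be hex-escaped and content can be filtered in ways a text match will not see. The durable control is the second function: never render an untrusted upload inline in the application's origin, serve it as a download with a fixed type, and let a sandboxed CSP catch whatever slips through the gate.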

Affected Version(s)

Bitwarden 2.25.0

Bitwarden 2.25.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. Once a PoC is public, the effort needed to weaponize the flaw drops sharply, so the availability of one raises the priority of patching.

News Articles


1 week ago

Bitwarden Flaw Allows Upload of Malicious PDFs, Posing Security Risk

The flaw, designated CVE-2025-5138, allows attackers to execute cross-site scripting (XSS) attacks through uploaded malicious PDF files.

1 week ago

Bitwarden PDF XSS Vulnerability (CVE-2025-5138): Risks & Mitigation Strategies

Bitwarden's CVE-2025-5138 exposes users to XSS attacks via PDF uploads. Learn about the risks and how to protect your data.

1 week ago

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • 📰 First article discovered by windowsnews.ai

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability reserved

Credit

XU17 (VulDB User)