CVE-2025-25296: 
Python vulnerability analysis and mitigation

Label Studio, an open source data labeling tool, was found to contain a Cross-Site Scripting (XSS) vulnerability prior to version 1.16.0. The vulnerability was discovered on February 14, 2025, affecting the /projects/upload-example endpoint. The vulnerability allows injection of arbitrary HTML through a GET request with an appropriately crafted label_config query parameter (GitHub Advisory).

The vulnerability exists in the upload-example endpoint which renders user-provided HTML content without proper sanitization on a GET request. By crafting a specially formatted XML label config with inline task data containing malicious HTML/JavaScript, an attacker can achieve Cross-Site Scripting. While the application has a Content Security Policy (CSP), it is only set in report-only mode, making it ineffective at preventing script execution. The vulnerability has been assigned a CVSS v3.1 base score of 6.1 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) (NVD).

The vulnerability enables attackers to execute JavaScript in victims' contexts by getting them to visit a maliciously crafted URL. This could potentially lead to theft of sensitive data, session hijacking, or other malicious actions. The attack requires user interaction but no special privileges for exploitation (GitHub Advisory).

The vulnerability has been patched in Label Studio version 1.16.0. The fix includes deprecating the GET behavior at the example-config endpoint. Organizations using affected versions should upgrade to version 1.16.0 or later. As a mitigation, it is recommended to enable the Content Security Policy in enforcement mode instead of report-only mode to actively block unauthorized script execution (GitHub Advisory).