Plattform
php
Komponente
cve-md
Behoben in
1.0.1
CVE-2025-3251 describes a problematic cross-site scripting (XSS) vulnerability discovered in admintwo version 1.0. This flaw allows attackers to inject malicious scripts via manipulation of the 'motto' argument within the /user/updateSet file. Affected versions include 1.0 through 1.0. A patch is available in version 1.0.1.
Successful exploitation of CVE-2025-3251 allows an attacker to inject arbitrary JavaScript code into the web application. This can lead to a variety of malicious outcomes, including stealing user session cookies, redirecting users to phishing sites, or defacing the website. The remote nature of the vulnerability means an attacker does not need to be on the same network as the target system. The impact is amplified if the application handles sensitive user data or performs critical operations, as an attacker could potentially gain unauthorized access and control.
This vulnerability has been publicly disclosed. The CVSS score is LOW, indicating a relatively low probability of exploitation in the absence of specific targeting. No public proof-of-concept exploits have been widely reported, but the disclosure suggests that attackers may be actively seeking to exploit this vulnerability. The vulnerability was published on 2025-04-04.
Admintwo installations running version 1.0 are directly at risk. Shared hosting environments that utilize admintwo are particularly vulnerable, as a compromise of one user's installation could potentially impact other users on the same server. Organizations relying on admintwo for critical functions should prioritize patching.
• php / web:
curl -I 'http://your-admintwo-site.com/user/updateSet?motto=<script>alert("XSS")</script>' | grep HTTP/1.1• generic web:
curl -s 'http://your-admintwo-site.com/user/updateSet?motto=<script>alert("XSS")</script>' | grep alertdisclosure
Exploit-Status
EPSS
0.15% (35% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-3251 is to upgrade to admintwo version 1.0.1, which contains the fix. If upgrading immediately is not possible, consider implementing input validation and sanitization on the 'motto' parameter to prevent malicious code injection. Web application firewalls (WAFs) configured to detect and block XSS attacks can also provide a temporary layer of protection. After upgrading, confirm the vulnerability is resolved by attempting to inject a simple script via the 'motto' parameter and verifying that it is not executed.
Actualizar a una versión parcheada o eliminar el software. Debido a que no hay información sobre una versión corregida, la única solución es eliminar el software o contactar al proveedor para obtener un parche.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-3251 is a cross-site scripting (XSS) vulnerability in admintwo version 1.0, allowing attackers to inject malicious scripts via the 'motto' parameter.
Yes, if you are running admintwo version 1.0, you are affected by this vulnerability. Versions prior to 1.0.1 are vulnerable.
Upgrade to admintwo version 1.0.1 to resolve the vulnerability. Input validation and WAF rules can provide temporary mitigation.
While no widespread exploitation has been confirmed, the public disclosure suggests attackers may be actively seeking to exploit this vulnerability.
Refer to the admintwo project's official website or repository for the advisory related to CVE-2025-3251.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.