Plateforme
php
Composant
vulnerability-research
Corrigé dans
4.1.4
CVE-2025-1548 is a cross-site scripting (XSS) vulnerability affecting Dreamer CMS versions 4.1.3–4.1.3. This flaw allows attackers to inject malicious scripts into the application, potentially compromising user accounts and sensitive data. The vulnerability resides in the /admin/archives/edit file and is triggered by manipulating the editorValue/answer/content parameter. A fix is available in version 4.1.4.
Successful exploitation of CVE-2025-1548 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can lead to various malicious outcomes, including session hijacking, defacement of the website, and theft of sensitive information like login credentials or personal data. The impact is particularly severe for administrative users, as their accounts could be compromised, granting the attacker full control over the Dreamer CMS installation. Given the public disclosure of this vulnerability, it is crucial to apply the patch promptly to prevent exploitation.
CVE-2025-1548 has been publicly disclosed, increasing the risk of exploitation. The vulnerability is considered LOW severity according to CVSS. Public proof-of-concept exploits are likely to emerge, making it easier for attackers to exploit the flaw. The vulnerability was disclosed on 2025-02-21, and the vendor did not respond. No KEV listing is currently available.
Administrators and users with access to the Dreamer CMS admin panel are at the highest risk. Shared hosting environments using Dreamer CMS are also vulnerable, as a compromised website on one account could potentially impact other accounts on the same server. Users relying on Dreamer CMS for sensitive data management are particularly vulnerable to data theft.
• php: Examine the /admin/archives/edit file for unsanitized input handling of the editorValue/answer/content parameter. Search for instances where user-supplied data is directly outputted to the HTML without proper encoding.
// Example of vulnerable code (simplified)
<?php
echo $_GET['editorValue/answer/content']; ?>• generic web: Monitor access logs for requests to /admin/archives/edit with unusual or suspicious parameters in the editorValue/answer/content field. Look for patterns indicative of XSS payloads (e.g., <script>, javascript:, onerror=).
grep 'editorValue/answer/content=[^a-zA-Z0-9 ]' access.logdisclosure
Statut de l'Exploit
EPSS
0.17% (percentile 38%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2025-1548 is to upgrade Dreamer CMS to version 4.1.4 or later, which includes the necessary fix. If upgrading immediately is not feasible, consider implementing input validation and sanitization on the editorValue/answer/content parameter to prevent malicious script injection. Web application firewalls (WAFs) configured to detect and block XSS payloads can also provide an additional layer of protection. Review access logs for suspicious activity related to the /admin/archives/edit endpoint. After upgrading, confirm the vulnerability is resolved by attempting to inject a simple XSS payload into the editorValue/answer/content parameter and verifying that it is properly sanitized.
Actualice Dreamer CMS a una versión posterior a la 4.1.3, si existe, que corrija la vulnerabilidad XSS. Si no hay una versión disponible, considere deshabilitar o eliminar el CMS hasta que se publique una solución. Como medida temporal, puede implementar reglas de filtrado de entrada en el servidor web para bloquear patrones de ataque XSS comunes.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2025-1548 is a cross-site scripting vulnerability in Dreamer CMS versions 4.1.3–4.1.3, allowing attackers to inject malicious scripts via the /admin/archives/edit endpoint.
You are affected if you are running Dreamer CMS version 4.1.3. Upgrade to 4.1.4 to mitigate the risk.
Upgrade Dreamer CMS to version 4.1.4 or later. Implement input validation and sanitization as a temporary workaround.
The vulnerability has been publicly disclosed, increasing the likelihood of exploitation. Monitor your systems for suspicious activity.
Refer to the Dreamer CMS website or official communication channels for the advisory regarding CVE-2025-1548.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.