Platform: php
Component: xunruicms
Fixed in: 4.6.4 (affected: 4.6.0 through 4.6.3)
CVE-2025-2131 is a cross-site scripting (XSS) vulnerability affecting XunRuiCMS versions 4.6.0 through 4.6.3. This flaw allows attackers to inject malicious scripts into the application, potentially compromising user sessions and stealing sensitive data. The vulnerability resides within the Friendly Links Handler component and can be triggered by manipulating the Website Address parameter. A patch is available in version 4.6.4.
Successful exploitation of CVE-2025-2131 allows an attacker to execute arbitrary JavaScript in the browser of a user who views the affected page. This can lead to session hijacking, defacement of the website, redirection to malicious sites, and theft of sensitive information such as login credentials or personal data. The impact is amplified if the XunRuiCMS site is used to manage sensitive data or handle financial transactions, and if the payload is rendered to an authenticated administrator, since their session carries full control of the CMS. While the CVSS rating is Low, the ease of exploitation and the potential for user compromise make this a significant risk, particularly for sites with a large user base or high-value data.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. No known active campaigns targeting this specific CVE have been reported as of the publication date. There are no known public proof-of-concept exploits readily available, but the ease of exploitation suggests that such exploits may emerge. The vulnerability is not currently listed on the CISA KEV catalog.
Websites and applications running XunRuiCMS versions 4.6.0 through 4.6.3 are at risk. This includes organizations relying on XunRuiCMS for content management, e-commerce, or other web-based services. Because the flaw is a cross-site scripting issue, the parties exposed are the site's visitors and, more importantly, its administrators whose browsers render the Friendly Links data; a payload stored in a link entry is served to everyone who views it until the entry is removed.
• wordpress / composer / npm:
  grep -r 'Website Address' /var/www/html/cms/application/plugins/friendlylinks/
• generic web (the URL is quoted so the shell does not interpret `&` and `<`; the response body, not the headers, is where a reflected payload shows up):
  curl -s 'http://your-xunruicms-site.com/index.php?m=friendlylinks&a=add&website_address=<script>alert(1)</script>' | grep -c '<script>alert(1)</script>'
Exploit status: disclosure
EPSS: 0.08% (25th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-2131 is to upgrade XunRuiCMS to version 4.6.4 or later, which contains the fix. If upgrading immediately is not possible, validate the Website Address parameter in the Friendly Links Handler on input (accept only absolute http or https URLs) and HTML-encode it wherever it is rendered; input filtering alone does not close an XSS hole if the value is still written into the page unencoded. A Web Application Firewall (WAF) can be configured to detect and block requests carrying script tags or event-handler attributes in that parameter, but treat it as a stopgap rather than a fix. Regularly review and update XunRuiCMS plugins and extensions to ensure they are not introducing new vulnerabilities. After upgrading, confirm the vulnerability is resolved by submitting a simple XSS payload in the Website Address field and verifying that it is rejected or rendered as inert text rather than executed.
Update XunRuiCMS to a version later than 4.6.3 to fix the XSS vulnerability. If updating is not possible, carefully review and filter user input in the Friendly Links Handler component, in particular the Website Address field, to prevent the injection of malicious code. Consider temporarily disabling the Friendly Links feature until a fix can be applied.
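The following PHP is an added illustrative example, not code from XunRuiCMS or its fix: it shows the vulnerable pattern the advisory describes (a user-supplied website address echoed into HTML unchanged) next to a hardened handler that validates the value as an http(s) URL on input and HTML-encodes it on output. Function names, the field name `website_address`, and the sample payloads are assumptions.

```php
<?php
// Added example, not XunRuiCMS code. Field and function names are assumptions.

// Vulnerable pattern: the stored value is written into the page as-is, so a value
// such as '"><script>alert(1)</script>' breaks out of the href attribute.
function render_link_vulnerable(array $link): string
{
    return '<a href="' . $link['website_address'] . '">' . $link['name'] . '</a>';
}

// Input validation: accept only absolute http/https URLs of reasonable length.
// Returns the normalised URL, or null if the value must be rejected.
function validate_website_address(string $raw): ?string
{
    $raw = trim($raw);
    if ($raw === '' || strlen($raw) > 2048) {
        return null;
    }
    $url = filter_var($raw, FILTER_VALIDATE_URL);
    if ($url === false) {
        return null;
    }
    // filter_var accepts other schemes, so reject javascript:, data:, etc. explicitly.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

// Output encoding: even a validated URL is encoded before being placed in HTML,
// so quotes and angle brackets can never terminate the attribute or tag.
function render_link_safe(array $link): string
{
    $href = validate_website_address($link['website_address']);
    if ($href === null) {
        return ''; // invalid entry: render nothing rather than something dangerous
    }
    $enc = static fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $enc($href) . '" rel="noopener nofollow">' . $enc($link['name']) . '</a>';
}

// Constructed sample inputs of the kind the advisory describes.
$samples = [
    ['name' => 'Partner', 'website_address' => '"><script>alert(1)</script>'],
    ['name' => 'Partner', 'website_address' => 'javascript:alert(1)'],
    ['name' => 'Partner & Co', 'website_address' => 'https://example.com/?a=1&b=2'],
];

foreach ($samples as $link) {
    echo "input:      " . $link['website_address'] . PHP_EOL;
    echo "vulnerable: " . render_link_vulnerable($link) . PHP_EOL;
    echo "hardened:   " . render_link_safe($link) . PHP_EOL . PHP_EOL;
}
```

Run it with `php example.php`: the first two samples produce an empty string from the hardened renderer because validation rejects them, while the third is emitted with `&` encoded as `&amp;` in both the attribute and the link text. The same pair of checks, scheme allow-list on input and `htmlspecialchars` on output, is what the interim mitigation above asks for.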
CVE-2025-2131 is a cross-site scripting (XSS) vulnerability affecting XunRuiCMS versions 4.6.0–4.6.3, allowing attackers to inject malicious scripts.
You are affected if you are using XunRuiCMS versions 4.6.0 through 4.6.3. Upgrade to 4.6.4 or later to mitigate the risk.
Upgrade XunRuiCMS to version 4.6.4 or later. Implement input validation and consider using a WAF as temporary mitigation.
While no active campaigns are confirmed, the vulnerability is publicly disclosed, increasing the risk of exploitation.
Refer to the XunRuiCMS official website or security advisories for the latest information and updates regarding CVE-2025-2131.