Platform
php
Component
vul
Fixed version
4.7.1
4.7.2
CVE-2025-14005 is a cross-site scripting (XSS) vulnerability in XunRuiCMS versions 4.7.0 through 4.7.1. The flaw lets an attacker inject script into pages viewed by other users, which can lead to session hijacking or defacement. It resides in the /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0 endpoint, where the data[name] parameter is rendered without adequate sanitization or output encoding. A public exploit is available, which raises the risk.
Successful exploitation of CVE-2025-14005 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can be leveraged to steal session cookies, redirect users to malicious websites, or deface the website. The attacker could also use this vulnerability to launch phishing attacks, tricking users into revealing sensitive information. Given the public availability of an exploit, the potential for widespread exploitation is significant, particularly against systems running vulnerable versions of XunRuiCMS.
CVE-2025-14005 has been publicly disclosed and a proof-of-concept exploit is readily available, which lowers the bar for exploitation. The vulnerability is tracked by the NVD and CISA. Note that the EPSS score shown on this page is low (0.04%, 13th percentile), meaning the public proof of concept has not yet translated into widely observed exploitation; even so, the payload is trivial to deliver, so opportunistic attacks against exposed XunRuiCMS instances are possible.
Organizations and individuals running XunRuiCMS versions 4.7.0 through 4.7.1 are at risk. This includes websites on shared hosting where XunRuiCMS is installed, as well as legacy deployments that are not regularly updated. Deployments without a WAF or other compensating control in front of the admin panel are particularly exposed.
• php: Examine web server access logs for requests to /admind45f74adbd95.php with c=field&m=add whose data[name] value contains characters outside the expected alphanumeric set. Browsers and most HTTP clients URL-encode the brackets, so match both data[name] and data%5Bname%5D; the grep below uses extended regex so the literal ?, . and [ ] are escaped rather than interpreted:

grep -E 'admind45f74adbd95\.php\?c=field&m=add&rname=site&rid=1&page=0.*data(\[name\]|%5Bname%5D)=[^a-zA-Z0-9&]' /var/log/apache2/access.log

Percent-encoded payloads (for example %3Cscript%3E) are caught because % is outside the allowed set, but so are harmless encoded spaces, so review hits manually. If the form is submitted as a POST, the payload sits in the request body and will not appear in a standard access log; check request-body logging or WAF logs in that case.

• generic web: Use curl to send a test payload to the endpoint and check whether it is reflected unescaped in the response. The admin entry point normally requires a logged-in session, so add a session cookie with -b if you are redirected to the login page:

curl -s -G 'http://your-xunruicms-site.com/admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0' \
  --data-urlencode 'data[name]=<script>alert("XSS")</script>' | grep -c '<script>alert("XSS")</script>'

A count of 1 or more means the payload came back without HTML encoding; a patched or properly escaped endpoint returns 0 because the tag is rendered as &lt;script&gt;.

Disclosure
Exploit status
EPSS
0.04% (13th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-14005 is to upgrade XunRuiCMS to a version that addresses this vulnerability; at the time of writing no fixed version is specified. As a temporary workaround, validate the data[name] parameter on input and HTML-encode it on output, for the context in which it is rendered, within the /admind45f74adbd95.php endpoint. A web application firewall (WAF) configured to detect and block XSS payloads provides some additional protection; keep its rules current, since signature-based XSS rules are routinely bypassed with encoding variants. After applying any mitigation, test the application to confirm functionality remains intact.
Update XunRuiCMS to a version later than 4.7.1, if one exists, that fixes the XSS vulnerability. If no fixed version is available, apply a manual patch that filters or escapes the 'data[name]' input in /admind45f74adbd95.php before it is displayed in the user interface.
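To make the workaround concrete, here is an added example (not XunRuiCMS code, and not taken from this advisory) contrasting a handler that writes data[name] into markup unescaped with one that escapes it for the HTML attribute context and validates it on input. The function names, the request array shape and the allowed character set are assumptions for illustration.

```php
<?php
// Added example, not XunRuiCMS source: the pattern behind the CVE-2025-14005
// workaround. A field-add handler that writes the submitted data[name]
// straight into HTML is XSS; escaping at output time fixes it.
// Function names, request shape and the allowed character set are assumptions.

declare(strict_types=1);

// Vulnerable: the raw parameter is interpolated into an HTML attribute, so a
// value such as  "><script>...</script>  closes the attribute and injects a tag.
function render_field_name_vulnerable(array $request): string
{
    $name = $request['data']['name'] ?? '';
    return '<input type="text" name="data[name]" value="' . $name . '">';
}

// Escape for HTML body/attribute context. ENT_QUOTES encodes both quote
// characters so the value cannot break out of the attribute; ENT_SUBSTITUTE
// replaces invalid UTF-8 instead of returning an empty string; a fixed charset
// avoids encoding-dependent bypasses.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened: same template, escaped value. Escaping happens at output, in the
// context where the value lands, so the stored value itself is untouched.
function render_field_name_hardened(array $request): string
{
    $name = $request['data']['name'] ?? '';
    return '<input type="text" name="data[name]" value="' . esc($name) . '">';
}

// Defence in depth: also validate on input. A field name has no business
// containing markup, so reject anything outside a conservative set
// (letters, digits, underscore, hyphen, space; assumed, adjust to what the
// CMS actually permits). Input validation supplements output encoding; it
// does not replace it.
function validate_field_name(string $name): bool
{
    return (bool) preg_match('/\A[\p{L}\p{N}_\- ]{1,64}\z/u', $name);
}

// Constructed request mimicking the public payload shape for this CVE.
$request = ['data' => ['name' => '"><script>alert("XSS")</script>']];

echo "vulnerable: ", render_field_name_vulnerable($request), PHP_EOL;
echo "hardened:   ", render_field_name_hardened($request), PHP_EOL;
echo "valid name? ", var_export(validate_field_name($request['data']['name']), true), PHP_EOL;
echo "valid name? ", var_export(validate_field_name('site_title'), true), PHP_EOL;
```

Run it with php on the command line: the vulnerable line contains a live `<script>` tag after the closing quote, while the hardened line renders the quote as `&quot;` and the angle brackets as `&lt;` and `&gt;`, so the browser treats the whole payload as attribute text. The validator rejects the payload and accepts a plain field name. If the value is also emitted into a JavaScript string or a URL elsewhere in the admin UI, it needs the encoding for that context, not this one.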
CVE-2025-14005 is a cross-site scripting (XSS) vulnerability affecting XunRuiCMS versions 4.7.0-4.7.1, allowing attackers to inject malicious scripts.
You are affected if you are running XunRuiCMS versions 4.7.0 or 4.7.1 and have not upgraded to a patched version.
Upgrade XunRuiCMS to a version that addresses the vulnerability. If upgrading is not immediately possible, implement input validation and output encoding as a temporary workaround.
Because a public exploit is available, CVE-2025-14005 carries an elevated risk of exploitation, although the EPSS score shown on this page (0.04%) indicates little observed exploitation so far.
Check the XunRuiCMS website or security mailing lists for official advisories related to CVE-2025-14005.