CVE-2025-14005

2.4 LOW

📋 TL;DR

This is a cross-site scripting (XSS) vulnerability in XunRuiCMS up to version 4.7.1 that allows attackers to inject malicious scripts via the data[name] parameter in the admin interface. It affects administrators who use the affected functionality, potentially leading to session hijacking or unauthorized actions. Remote attackers can exploit this vulnerability without authentication.

💻 Affected Systems

Products:
  • dayrui XunRuiCMS
Versions: Up to and including 4.7.1
Operating Systems: All platforms running XunRuiCMS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the admin interface at /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0

⚠️ Risk & Real-World Impact

🔴 Worst Case: Administrator account compromise leading to complete system takeover, data theft, or malware deployment
🟠 Likely Case: Session hijacking of admin accounts, unauthorized configuration changes, or credential theft
🟢 If Mitigated: Limited impact with proper input validation and output encoding in place

🌐 Internet-Facing: HIGH - The vulnerable endpoint is accessible remotely and exploitation requires no authentication
🏢 Internal Only: MEDIUM - Internal attackers could exploit this to escalate privileges or compromise admin accounts

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available and exploitation requires minimal technical skill

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add server-side validation for the data[name] parameter and encode it before it is rendered back into the admin page.

Modify the affected PHP file to include: htmlspecialchars($_POST['data']['name'], ENT_QUOTES, 'UTF-8')

WAF Rule (applies to: all)

Implement web application firewall rules to block XSS payloads.

Add a WAF rule that detects and blocks requests containing <script>, javascript:, or common XSS patterns in the data[name] parameter.

🧯 If You Can't Patch

  • Restrict access to the admin interface using IP whitelisting or VPN
  • Implement Content Security Policy (CSP) headers to mitigate XSS impact

🔍 How to Verify

Check if Vulnerable:

Test by submitting a payload like <script>alert('XSS')</script> in the data[name] parameter to the vulnerable endpoint

Check Version:

Check XunRuiCMS version in system configuration or admin panel

Verify Fix Applied:

Verify that script tags and other XSS payloads are properly sanitized or blocked

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /admind45f74adbd95.php with suspicious parameters
  • Admin panel access logs showing script tags in parameters

Network Indicators:

  • HTTP POST requests containing <script> tags in data[name] parameter

SIEM Query:

source="web_logs" AND uri="/admind45f74adbd95.php" AND (data CONTAINS "<script>" OR data CONTAINS "javascript:")
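The SIEM query above matches the literal strings "<script>" and "javascript:", which misses payloads that arrive URL-encoded (as form data normally does) or double-encoded. The following is an added example, not code from the advisory or from XunRuiCMS, that applies the same rule to the data[name] parameter after decoding it. The endpoint path is the one named above; the log lines and the simple "METHOD URI<tab>BODY" log layout are constructed for the example.

```python
"""Detect XSS attempts against the XunRuiCMS admin field endpoint in web logs.

Added example for the CVE-2025-14005 advisory; the log format and sample
lines below are constructed, not captured from a real server.
"""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Endpoint named in the advisory.
TARGET_SCRIPT = "/admind45f74adbd95.php"

# The advisory's indicators (<script>, javascript:) plus inline event handlers,
# a common XSS pattern; tolerant of whitespace and case.
XSS_PATTERNS = re.compile(r"<\s*script|javascript\s*:|\bon\w+\s*=", re.IGNORECASE)


def decode_layers(value, max_rounds=3):
    """URL-decode repeatedly so %3Cscript%3E and %253Cscript%253E both surface."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def extract_data_name(encoded_params):
    """Return every value submitted as data[name] in a query string or form body."""
    params = parse_qs(encoded_params, keep_blank_values=True)
    return params.get("data[name]", [])


def is_suspicious_request(uri, body=""):
    """True if the request targets the admin endpoint with an XSS-like data[name]."""
    parts = urlsplit(uri)
    if parts.path != TARGET_SCRIPT:
        return False
    candidates = extract_data_name(parts.query) + extract_data_name(body)
    return any(XSS_PATTERNS.search(decode_layers(v)) for v in candidates)


def scan_log(lines):
    """Return the indices of log lines that match the detection rule."""
    hits = []
    for n, line in enumerate(lines):
        _method, _, rest = line.partition(" ")
        uri, _, body = rest.partition("\t")
        if is_suspicious_request(uri, body):
            hits.append(n)
    return hits


ENDPOINT = TARGET_SCRIPT + "?c=field&m=add&rname=site&rid=1&page=0"

# Constructed sample log: "METHOD URI<tab>BODY"
SAMPLE_LOG = [
    "POST " + ENDPOINT + "\tdata%5Bname%5D=%3Cscript%3Ealert(1)%3C%2Fscript%3E&data%5Btitle%5D=x",
    "POST " + ENDPOINT + "\tdata%5Bname%5D=%253Cscript%253E",          # double-encoded
    "POST " + ENDPOINT + "\tdata%5Bname%5D=javascript%3Aalert(1)",      # scheme payload
    "POST " + ENDPOINT + "\tdata%5Bname%5D=author_name",                # benign field name
    "GET /index.php?s=%3Cscript%3E\t",                                   # other endpoint, out of scope
]

if __name__ == "__main__":
    for idx in scan_log(SAMPLE_LOG):
        print("suspicious:", SAMPLE_LOG[idx])
```

The path check keeps the rule scoped to the endpoint in this advisory; dropping it turns the function into a generic (and noisier) reflected-XSS indicator for any parameter named data[name].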
