CVE-2025-50574

6.1 MEDIUM

📋 TL;DR

This cross-site scripting (XSS) vulnerability in Glamour Salon Management System v1 allows attackers to inject malicious scripts into blog comments. When users view compromised blog pages, the scripts execute in their browsers, potentially stealing session cookies or redirecting to malicious sites. All users of the vulnerable version are affected.

💻 Affected Systems

Products:
  • Glamour Salon Management System
Versions: v1.0
Operating Systems: Any OS running a PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with blog functionality enabled and accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers steal administrator session cookies, gain full system access, deface websites, or install malware on visitor browsers.

🟠 Likely Case: Attackers hijack user sessions, steal credentials, or redirect users to phishing sites via malicious blog comments.

🟢 If Mitigated: Script execution is blocked by browser security features or content security policies, limiting impact to minor UI manipulation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available on GitHub. Exploitation requires no authentication and minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Download the updated blog-details.php from the official repository, if available.
2. Replace the vulnerable file.
3. Test blog comment functionality.

🔧 Temporary Workarounds

Input Sanitization (PHP): Add HTML entity encoding to blog comment parameters in blog-details.php. Modify the PHP code to use htmlspecialchars() or htmlentities() on user input.

Disable Blog Comments (PHP): Temporarily disable blog comment functionality until a patch is available. Remove or comment out the comment submission form in blog-details.php.
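The following is an added example, not code from the advisory or from the Glamour Salon Management System itself. It shows the pattern the Input Sanitization workaround describes: a comment rendered by direct string concatenation (the vulnerable shape) next to the same comment passed through htmlspecialchars() before output, plus a small check that mirrors the "Verify Fix Applied" step. The function names, the wrapper markup and the sample comment are constructed for this example; the real blog-details.php may be structured differently.

```php
<?php
// Added example (not the project's own code). Demonstrates the vulnerable
// output pattern beside the htmlspecialchars() fix the workaround calls for.
// Function names, markup and the sample comment are constructed here.

declare(strict_types=1);

// Constructed sample comment: the same payload the "How to Verify" step uses.
const SAMPLE_COMMENT = "<script>alert('XSS')</script> Nice post!";

/**
 * Vulnerable pattern: user-controlled text is concatenated straight into
 * the HTML response, so the browser parses the <script> element and runs it.
 */
function render_comment_vulnerable(string $comment): string
{
    return '<div class="comment">' . $comment . '</div>';
}

/**
 * Hardened pattern: encode every HTML-significant character at output time.
 * ENT_QUOTES also encodes single and double quotes, so the value is safe in
 * attribute values as well as element bodies; ENT_SUBSTITUTE replaces invalid
 * UTF-8 sequences instead of returning an empty string.
 */
function render_comment_safe(string $comment): string
{
    $encoded = htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="comment">' . $encoded . '</div>';
}

/**
 * Self-check for the "Verify Fix Applied" step: inside the wrapper we emit
 * ourselves, a correctly encoded comment contains no raw '<' or '>' at all.
 */
function comment_is_encoded(string $rendered): bool
{
    $inner = substr($rendered, strlen('<div class="comment">'), -strlen('</div>'));
    return strpos($inner, '<') === false && strpos($inner, '>') === false;
}

if (PHP_SAPI === 'cli') {
    echo "Vulnerable: ", render_comment_vulnerable(SAMPLE_COMMENT), "\n";
    echo "Hardened:   ", render_comment_safe(SAMPLE_COMMENT), "\n";
    var_dump(comment_is_encoded(render_comment_vulnerable(SAMPLE_COMMENT)));
    var_dump(comment_is_encoded(render_comment_safe(SAMPLE_COMMENT)));
}
```

Encoding belongs at the point where the comment is written into HTML, because that is where the characters become dangerous; encoding only on the way into the database leaves any other output path (admin views, RSS, JSON) unprotected and double-encodes text that is later edited. Running the script with the PHP CLI prints the raw and encoded renderings so the difference is visible without a browser.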

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block XSS payloads in blog parameters
  • Deploy Content Security Policy (CSP) headers to restrict script execution sources

🔍 How to Verify

Check if Vulnerable:

Test blog comment field with XSS payload: <script>alert('XSS')</script> and check if script executes

Check Version:

Check system version in admin panel or readme files

Verify Fix Applied:

Retest with same XSS payload; script should be displayed as text, not executed

📡 Detection & Monitoring

Log Indicators:

  • Unusual blog comment submissions containing script tags or JavaScript code
  • Multiple failed comment submissions with special characters

Network Indicators:

  • HTTP requests to blog-details.php with script tags in parameters
  • Outbound connections to suspicious domains after blog page views

SIEM Query:

source="web_logs" AND uri="*blog-details.php*" AND (param="*<script>*" OR param="*javascript:*")
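As an added example (not part of the advisory), the scanner below applies the logic of the SIEM query above to web server access-log lines offline, which is useful when no SIEM is in place or when tuning the query against known-benign traffic. The log lines, IP addresses and timestamps are constructed for the example, and the field layout assumed is the common Apache/Nginx access-log format.

```php
<?php
// Added example (not from the advisory or the project): applies the advisory's
// detection logic to access-log lines. The log lines below are constructed,
// with documentation-range IPs (203.0.113.x) as placeholders.

declare(strict_types=1);

const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [10/Jun/2025:12:00:01 +0000] "GET /blog-details.php?bid=3 HTTP/1.1" 200 5120
203.0.113.8 - - [10/Jun/2025:12:00:05 +0000] "GET /blog-details.php?bid=3&comment=%3Cscript%3Ealert%281%29%3C%2Fscript%3E HTTP/1.1" 200 5200
203.0.113.9 - - [10/Jun/2025:12:00:09 +0000] "GET /blog-details.php?bid=3&comment=javascript%3Aalert%281%29 HTTP/1.1" 200 5200
203.0.113.9 - - [10/Jun/2025:12:00:12 +0000] "GET /index.php?q=%3Cscript%3E HTTP/1.1" 200 900
203.0.113.10 - - [10/Jun/2025:12:00:15 +0000] "POST /blog-details.php?bid=3 HTTP/1.1" 302 0
LOG;

/**
 * Returns the log lines that match the advisory's indicator: a request to
 * blog-details.php whose parameters, after URL decoding, contain a script
 * tag or a javascript: URL.
 */
function find_xss_attempts(string $log): array
{
    $hits = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        // Pull the request target out of the quoted "METHOD /path HTTP/x" field.
        if (!preg_match('/"(?:GET|POST|PUT|PATCH) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
            continue;
        }
        $target = $m[1];
        if (stripos($target, 'blog-details.php') === false) {
            continue;
        }
        // Decode twice so one layer of double-encoding does not hide the payload.
        $decoded = urldecode(urldecode($target));
        if (preg_match('/<\s*script|javascript\s*:/i', $decoded)) {
            $hits[] = $line;
        }
    }
    return $hits;
}

if (PHP_SAPI === 'cli') {
    foreach (find_xss_attempts(SAMPLE_LOG) as $hit) {
        echo "XSS indicator: ", $hit, "\n";
    }
}
```

On the constructed input only the two GET requests carrying a script tag or a javascript: value in the query string are reported. The final POST line is not, which illustrates a limit of this and of the SIEM query above: standard access logs record the request line but not the POST body, so a comment submitted through the form does not show its payload there. Catching those requires application-level logging of comment submissions or a WAF that inspects request bodies.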
