CVE-2025-57407

5.4 MEDIUM

📋 TL;DR

A stored XSS vulnerability in S-Cart's Admin Log Viewer allows authenticated attackers to inject malicious scripts via User-Agent headers. When administrators view security logs, these scripts execute in their browsers, potentially enabling session hijacking or other attacks. This affects S-Cart versions up to 10.0.3 with admin access.

💻 Affected Systems

Products:
  • S-Cart
Versions: <=10.0.3
Operating Systems: All platforms running S-Cart
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation when admin logs are enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Administrator account compromise leading to full system takeover, data theft, or deployment of additional malware.

🟠 Likely Case: Session hijacking allowing the attacker to perform administrative actions, modify settings, or access sensitive data.

🟢 If Mitigated: Limited impact if proper input validation and output encoding are implemented, restricting script execution.

🌐 Internet-Facing: MEDIUM - Requires authenticated access but affects admin interfaces exposed to the internet.
🏢 Internal Only: MEDIUM - Internal attackers with valid credentials can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated user access and administrator viewing logs. Exploitation involves crafting malicious User-Agent headers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.4 or later

Vendor Advisory: https://github.com/gp247net/core/releases/tag/1.1.24

Restart Required: No

Instructions:

1. Update S-Cart to version 10.0.4 or later.
2. Apply the patch from the GitHub repository.
3. Clear any cached data.
4. Verify the fix by checking the AdminLogController.php file.

🔧 Temporary Workarounds

Disable Admin Log Viewer
  • Platforms: all
  • Temporarily disable the vulnerable log viewer component
  • Modify S-Cart configuration to disable admin log viewing

Input Validation Filter
  • Platforms: all
  • Implement server-side filtering of User-Agent headers
  • Add input sanitization for User-Agent in log processing

🧯 If You Can't Patch

  • Restrict admin log access to trusted IP addresses only
  • Implement Content Security Policy (CSP) headers to prevent script execution

🔍 How to Verify

Check if Vulnerable:

Check if S-Cart version is <=10.0.3 and review AdminLogController.php for missing input sanitization

Check Version:

Check S-Cart admin panel or configuration files for version information

Verify Fix Applied:

Verify version is >=10.0.4 and check that User-Agent input is properly sanitized in the controller

📡 Detection & Monitoring

Log Indicators:

  • Unusual User-Agent strings containing script tags or JavaScript in admin logs
  • Multiple failed login attempts followed by suspicious User-Agent entries

Network Indicators:

  • HTTP requests with malicious User-Agent headers to admin endpoints

SIEM Query:

source="web_logs" AND (User-Agent CONTAINS "<script>" OR User-Agent CONTAINS "javascript:") AND uri CONTAINS "admin"
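The SIEM query above, carried out as an added example over constructed web-server log lines (this is not S-Cart code and the log lines are made up), together with the output-encoding step the mitigation section calls for. The marker list extends the page's two markers (`<script>`, `javascript:`) with common inline event-handler attributes; the log format is assumed to be the Apache/nginx "combined" format.

```python
import html
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample lines in "combined" log format; not real S-Cart traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2025:12:00:01 +0000] "GET /admin/logs HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [10/Oct/2025:12:00:02 +0000] "POST /admin/login HTTP/1.1" 401 98 "-" "<script>x</script>"
203.0.113.9 - - [10/Oct/2025:12:00:03 +0000] "GET /admin/login HTTP/1.1" 200 512 "-" "Mozilla/5.0 javascript:void(0)"
198.51.100.4 - - [10/Oct/2025:12:00:04 +0000] "GET /product/1 HTTP/1.1" 200 2048 "-" "<script>x</script>"
"""

COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Same markers as the page's SIEM query, plus inline event handlers (assumed extension).
SCRIPT_MARKERS = re.compile(r"<script|javascript:|onerror\s*=|onload\s*=", re.IGNORECASE)


@dataclass
class Hit:
    ip: str
    uri: str
    user_agent: str


def parse_combined(line: str) -> Optional[dict]:
    """Split one combined-format line into named fields; None if it does not parse."""
    m = COMBINED_RE.match(line)
    return m.groupdict() if m else None


def find_suspicious_admin_uas(log_text: str) -> List[Hit]:
    """Flag requests to admin URIs whose User-Agent carries script markers."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_combined(line)
        if rec is None:
            continue  # unparseable line: skip rather than crash the sweep
        if "admin" in rec["uri"].lower() and SCRIPT_MARKERS.search(rec["ua"]):
            hits.append(Hit(rec["ip"], rec["uri"], rec["ua"]))
    return hits


def render_ua_for_admin_view(user_agent: str) -> str:
    """Output-encode a logged User-Agent before it is placed in admin HTML."""
    return html.escape(user_agent, quote=True)
```

Only the two admin-URI requests from 203.0.113.9 are flagged; the same marker on a storefront URI is left alone, and the escaped string is what a log viewer should emit instead of the raw header.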
