CVE-2025-60451

6.1 MEDIUM

📋 TL;DR

A stored XSS vulnerability in MetInfo CMS 8.0 allows attackers to upload malicious SVG files containing JavaScript code that executes when viewed. This affects websites using MetInfo CMS 8.0 with the vulnerable uploadify.class.php component. Attackers can steal session cookies, redirect users, or perform actions on behalf of authenticated users.

💻 Affected Systems

Products:
  • MetInfo CMS
Versions: Version 8.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires SVG file upload functionality enabled in website settings module.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover, session hijacking, credential theft, website defacement, and malware distribution to visitors.

🟠 Likely Case

Session hijacking leading to unauthorized access, data theft from authenticated users, and website defacement.

🟢 If Mitigated

Limited impact with proper input validation, file type restrictions, and Content Security Policy headers in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to upload functionality. Public technical details available in referenced advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor MetInfo official channels for security updates.
2. Apply the vendor patch when available.
3. Test the patch in a non-production environment first.

🔧 Temporary Workarounds

Disable SVG file uploads (applies to: all)

Restrict file uploads to only safe file types by modifying the upload configuration.

Modify app/system/include/module/uploadify.class.php to reject SVG files.

Implement Content Security Policy (applies to: all)

Add CSP headers to prevent inline script execution from uploaded files. The header must also be sent on the responses that serve the uploaded files themselves: a policy set only on the site's HTML pages does not govern an SVG that a browser opens directly.

Add header: Content-Security-Policy: script-src 'self'
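As an added example (not MetInfo's code and not taken from the advisory), the standalone PHP below shows the two workarounds above in working form: an upload check that refuses SVG by content rather than by extension alone, and the response headers to send if previously uploaded SVG files must stay reachable. The function names (`uploadIsAllowed`, `looksLikeSvg`, `containsActiveContent`, `svgDownloadHeaders`) and the sample inputs are assumptions for illustration; the page does not say where inside uploadify.class.php such a check would be called.

```php
<?php
// Added example, not MetInfo's own code: a standalone upload check that
// rejects SVG content regardless of the client-supplied file name, plus the
// headers for serving existing SVG files as downloads. Names and samples are
// assumptions for this demo.

declare(strict_types=1);

/**
 * True when the bytes look like an SVG document, whatever the extension says.
 * Looks at the first 4 KiB (after an optional UTF-8 BOM) for an <svg root,
 * an SVG DOCTYPE, or the SVG namespace.
 */
function looksLikeSvg(string $bytes): bool
{
    $head = substr($bytes, 0, 4096);
    if (substr($head, 0, 3) === "\xEF\xBB\xBF") {
        $head = substr($head, 3);
    }
    return (bool) preg_match('/<\s*svg\b|<!DOCTYPE\s+svg|http:\/\/www\.w3\.org\/2000\/svg/i', $head);
}

/**
 * True when SVG/XML content carries something a browser would execute or
 * fetch when the file is opened directly: <script>, on* event handlers,
 * javascript: URLs, embedded documents, or data: hrefs.
 */
function containsActiveContent(string $bytes): bool
{
    $patterns = [
        '/<\s*script\b/i',
        '/\bon[a-z]+\s*=/i',                              // onload=, onclick=, ...
        '/javascript\s*:/i',
        '/<\s*(foreignObject|iframe|embed|object)\b/i',
        '/href\s*=\s*["\']?\s*data:/i',
    ];
    foreach ($patterns as $re) {
        if (preg_match($re, $bytes)) {
            return true;
        }
    }
    return false;
}

/**
 * Decide whether an upload may be stored. $originalName is the client-supplied
 * name, $bytes the uploaded content. Only allow-listed raster extensions pass,
 * the content is sniffed so "logo.png" holding SVG is refused too, and the
 * image header must parse for the remaining types.
 */
function uploadIsAllowed(string $originalName, string $bytes, array $allowedExt = ['jpg', 'jpeg', 'png', 'gif', 'webp']): bool
{
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowedExt, true)) {
        return false;                    // .svg, .svgz, .xml, .html ... all refused
    }
    if (looksLikeSvg($bytes)) {
        return false;                    // extension lies; the content is SVG
    }
    $info = @getimagesizefromstring($bytes);
    return $info !== false;
}

/**
 * Headers for serving already-uploaded SVG files that cannot be removed:
 * force a download and forbid script execution and external loads.
 */
function svgDownloadHeaders(string $safeName): array
{
    return [
        'Content-Type: image/svg+xml',
        'Content-Disposition: attachment; filename="' . $safeName . '"',
        "Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'",
        'X-Content-Type-Options: nosniff',
    ];
}

// Constructed sample inputs (not from the advisory) to exercise the checks.
$benignSvg = '<?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>';
$activeSvg = '<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"><script>alert(1)</script></svg>';
$png = base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==');

var_dump(uploadIsAllowed('logo.svg', $benignSvg));   // .svg is not in the allow-list
var_dump(uploadIsAllowed('logo.png', $activeSvg));   // .png name, but the content is SVG
var_dump(uploadIsAllowed('logo.png', $png));         // a real 1x1 PNG
var_dump(containsActiveContent($activeSvg));         // script and onload present
var_dump(containsActiveContent($benignSvg));         // plain shapes only
foreach (svgDownloadHeaders('legacy.svg') as $h) {
    echo $h, PHP_EOL;
}
```

The allow-list deliberately omits SVG rather than trying to sanitize it; `containsActiveContent` is only there for triage of files already on disk. When sending the headers from `svgDownloadHeaders`, pass each element to `header()` before any output is written.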

🧯 If You Can't Patch

  • Implement strict file upload validation to reject SVG files entirely
  • Deploy WAF rules to block malicious SVG uploads and detect XSS payloads

🔍 How to Verify

Check if Vulnerable:

Check if MetInfo version is 8.0 and SVG uploads are allowed in website settings module.

Check Version:

Check MetInfo version in admin panel or view source for version metadata.

Verify Fix Applied:

Test SVG file upload with embedded JavaScript - should be rejected or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • SVG file uploads to uploadify endpoint
  • Large SVG files with script tags in content

Network Indicators:

  • POST requests to uploadify.class.php with SVG content
  • SVG files served with script tags

SIEM Query:

source="web_logs" AND uri="/app/system/include/module/uploadify.class.php" AND file_extension="svg"

🔗 References
