CVE-2025-9981

4.8 MEDIUM

📋 TL;DR

QuickCMS (version 6.8 confirmed) is vulnerable to stored cross-site scripting (XSS) in the slider editor. An attacker with admin privileges can inject HTML and JavaScript that is stored in slider content and executes on every page that renders the slider, potentially compromising visitor sessions and website integrity. All QuickCMS installations that use the vulnerable slider functionality are affected.

💻 Affected Systems

Products:
  • QuickCMS
Versions: Version 6.8 confirmed vulnerable, other versions potentially affected (vendor did not provide version range)
Operating Systems: All operating systems running QuickCMS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin privileges to exploit. Default admin configuration restricts JavaScript injection but this vulnerability bypasses that restriction.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Admin-level attacker injects persistent malicious scripts that steal session cookies, redirect users to phishing sites, or deploy malware to all visitors, leading to complete website compromise and data theft.

🟠

Likely Case

Malicious admin or compromised admin account injects tracking scripts, defaces website content, or performs limited session hijacking against users.

🟢

If Mitigated

With proper admin account security and input validation, impact is limited to potential content defacement if an admin account is compromised.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires admin-level access. No public exploit code available at time of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: UNKNOWN

Vendor Advisory: None provided

Restart Required: No

Instructions:

No official patch available. The vendor was notified but did not respond with fix details. Consider upgrading to the latest version if one is available, or implement the workarounds below.

🔧 Temporary Workarounds

Disable Slider Editor Functionality

Platform: all

Temporarily disable or remove the vulnerable slider editor component to prevent exploitation.

Step: Remove or rename the sliders-form.php file in the QuickCMS installation.

Implement Content Security Policy (CSP)

Platform: all

Add CSP headers to restrict script execution to trusted sources.

Step: Add the header `Content-Security-Policy: default-src 'self'; script-src 'self'` to the web server configuration.

Note that `script-src 'self'` also blocks inline scripts the site itself may rely on, so test the policy (for example with `Content-Security-Policy-Report-Only` first) before enforcing it. CSP limits script execution; it does not stop injected HTML from defacing slider content.

🧯 If You Can't Patch

  • Implement strict admin account security with strong passwords and multi-factor authentication
  • Regularly audit admin user activities and monitor for suspicious slider modifications
  • Consider migrating to alternative CMS if QuickCMS support is unavailable

🔍 How to Verify

Check if Vulnerable:

Confirm the QuickCMS version (6.8 is confirmed vulnerable; other versions may also be affected). Using an admin account, check whether the slider editor accepts HTML or JavaScript markup.

Check Version:

Check the QuickCMS version in the admin panel or in the CMS configuration files.

Verify Fix Applied:

After applying the workarounds, test the slider editor to confirm that injected markup no longer executes.

📡 Detection & Monitoring

Log Indicators:

  • Unusual admin activity in slider editor
  • Suspicious HTML/JavaScript patterns in slider content database entries

Network Indicators:

  • Unexpected external script loads from slider content
  • Suspicious redirects originating from website pages

SIEM Query:

Search for admin user modifications to slider content containing script tags or JavaScript patterns
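As an added example (not from this advisory or the QuickCMS project), a Python scan over slider content rows that applies the indicators the log and SIEM sections above describe: script tags, inline event handlers, `javascript:` URLs and script/image sources loaded from hosts outside an allowlist. The record shape (`id`, `modified_by`, `content`) and the allowlisted host are assumptions, and the sample rows are constructed.

```python
import re
from urllib.parse import urlparse

# Coarse heuristics for active content in what should be static slider markup.
# Tune to the markup the slider editor legitimately emits; expect some false positives.
INDICATORS = {
    "script_tag": re.compile(r"<\s*script\b", re.IGNORECASE),
    "event_handler": re.compile(r"\bon[a-z]+\s*=", re.IGNORECASE),
    "javascript_uri": re.compile(r"(?:href|src|action)\s*=\s*['\"]?\s*javascript:", re.IGNORECASE),
}
SRC_ATTR = re.compile(r"""src\s*=\s*['"]?\s*([^'"\s>]+)""", re.IGNORECASE)


def external_sources(html, allowed_hosts):
    """Return src URLs whose host is not allowlisted (relative URLs count as local)."""
    found = []
    for url in SRC_ATTR.findall(html):
        host = urlparse(url).hostname
        if host and host.lower() not in allowed_hosts:
            found.append(url)
    return found


def scan_slider_records(records, allowed_hosts):
    """Flag slider rows carrying script-like content.

    records: dicts with keys id, modified_by, content (hypothetical shape;
    QuickCMS's real schema is not documented in the advisory).
    Returns (record id, modified_by, indicator) tuples for triage.
    """
    findings = []
    for rec in records:
        html = rec["content"]
        for name, pattern in INDICATORS.items():
            if pattern.search(html):
                findings.append((rec["id"], rec["modified_by"], name))
        for url in external_sources(html, allowed_hosts):
            findings.append((rec["id"], rec["modified_by"], "external_src:" + url))
    return findings


# Constructed sample rows: one benign slide and two with injected active content.
SAMPLE_RECORDS = [
    {"id": 1, "modified_by": "editor", "content": '<img src="/img/slide1.jpg" alt="Spring sale">'},
    {"id": 2, "modified_by": "admin", "content": '<script src="https://cdn.example.net/t.js"></script>'},
    {"id": 3, "modified_by": "admin", "content": '<img src="/img/x.jpg" onerror="alert(document.domain)">'},
]

if __name__ == "__main__":
    for finding in scan_slider_records(SAMPLE_RECORDS, {"www.example.com"}):
        print(finding)
```

Feed it the slider rows exported from the QuickCMS database and join the `modified_by` column against admin activity logs to answer the SIEM question above.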
