CVE-2025-6347
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fabian | responsive_blog_site | 1.0 |
| fabian | responsive_blog_site | 1.12.4 |
| fabian | responsive_blog_site | 3.3.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stored Cross-Site Scripting (XSS) flaw found in the code-projects Responsive Blog software, specifically in the pageViewMembers.php file. It occurs because user inputs in fields like Full Name, Address, City, and Phone are not properly sanitized or escaped before being displayed in the member table. This allows attackers to inject malicious JavaScript code that executes when an administrator views the page, potentially leading to unauthorized actions or data theft. The vulnerability is critical due to its stored nature and is compounded by the use of outdated third-party libraries and default admin credentials. [1, 3]
How can this vulnerability impact me? :
The vulnerability can lead to stored XSS attacks where malicious scripts injected by attackers execute in the context of an administrator's browser. This can result in session hijacking, data theft, unauthorized administrative actions, and compromise of the affected system. The presence of outdated libraries and default admin credentials further increases the risk by enabling attackers to escalate their access and exploit additional vulnerabilities. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the affected page /responsive/resblog/blogadmin/admin/pageViewMembers.php for stored Cross-Site Scripting (XSS) by injecting typical XSS payloads such as <script>alert("XSS")</script> into user input fields like Full Name, Address, City, and Phone, then observing if the script executes when the page is viewed. Additionally, you can use Google dorking with the query inurl:responsive/resblog/blogadmin/admin/pageViewMembers.php to locate potentially vulnerable targets. There is a publicly available proof-of-concept exploit that can be used for testing. Commands for detection might include using curl or wget to submit payloads, or using browser developer tools to inspect the page output for unescaped input. Example command to test injection via curl: curl -X POST -d "fullname=<script>alert('XSS')</script>&address=..." http://target/responsive/resblog/blogadmin/admin/pageViewMembers.php (authentication required). [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected software with an alternative product, as no official vendor patch or mitigation is currently available. Additionally, avoid using default administrator credentials and update or remove outdated third-party libraries such as Bootstrap 3.3.4 and jQuery 1.12.4 to reduce the attack surface. Implement input validation and output escaping on user-controllable fields to prevent script injection. Restrict access to the vulnerable admin page and monitor for suspicious activity. Since no known countermeasures exist, these steps help reduce risk until a patch or fix is released. [2, 3, 1]