CVE-2025-6700
BaseFortify
Publication date: 2025-06-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xuxueli | xxl-sso | 1.1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6700 is a cross-site scripting (XSS) vulnerability in Xuxueli xxl-sso version 1.1.0, specifically in the /xxl-sso-server/login endpoint. It occurs because the 'errorMsg' parameter is not properly sanitized or escaped before being included in the HTML output. This allows attackers to inject and execute arbitrary JavaScript code in the context of a victim's browser when they visit the affected page. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow remote attackers to execute malicious scripts in users' browsers without authentication, potentially leading to session hijacking, defacement, or other malicious actions performed on behalf of the victim. Exploitation requires user interaction but can compromise data integrity and user trust. Since the vendor has not provided any mitigation, the risk remains until the product is replaced or patched. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /xxl-sso-server/login endpoint for reflected cross-site scripting (XSS) via the errorMsg parameter. You can use tools like curl or a web vulnerability scanner to send crafted requests that include JavaScript payloads in the errorMsg parameter and observe if the payload is reflected unsanitized in the response. For example, a curl command to test might be: curl -G 'http://target/xxl-sso-server/login' --data-urlencode 'errorMsg=<script>alert(1)</script>' and then check if the response contains the injected script. Automated scanners or manual inspection of the login page response for unsanitized input reflection can also help detect this issue. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding use of the vulnerable xxl-sso version 1.1.0 or replacing it with an alternative solution, as no vendor fix or patch is available. Additionally, you can implement web application firewall (WAF) rules to block or sanitize requests containing suspicious scripts in the errorMsg parameter. Educate users to be cautious of suspicious links that might exploit this XSS vulnerability. Monitoring and restricting user input on the login endpoint can reduce risk until a proper fix or upgrade is applied. [2]