CVE-2025-52036
BaseFortify

Publication date: 2025-08-26

Last updated on: 2025-09-17

Assigner: MITRE

Description
A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=categories. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08), and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. CWE Definition of the Vulnerability: CWE-79.
Meta Information
Published: 2025-08-26
Last Modified: 2025-09-17
Generated: 2026-05-06
AI Q&A: 2025-08-26
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: exe-system
Product: notescms
Version / Range: From 2024-05-08 (inc) to 2025-03-31 (exc)
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the NotesCMS application, specifically affecting the /index.php?route=categories page. It occurs because the application does not properly sanitize or escape user input in the service description titles, allowing an attacker to inject malicious JavaScript code. This code is stored persistently on the server and executes whenever the affected page is viewed, potentially leading to unauthorized actions such as session hijacking or website defacement. [1, 2]


How can this vulnerability impact me?

The vulnerability allows attackers to execute arbitrary JavaScript code in the browsers of users who visit the affected page. This can lead to theft of sensitive information like cookies, session tokens, and credentials, impersonation of users, unauthorized actions on behalf of users, injection of phishing pages, propagation of malware, and defacement or disruption of the website. These impacts can compromise user security and reduce trust in the affected application. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to inject a test JavaScript payload into the title field of the service descriptions on the /index.php?route=categories page and then observing if the script executes when the page is viewed. For example, injecting a payload such as <script>alert('test')</script> into the title field and then visiting the categories page to see if a popup appears confirms the presence of the stored XSS vulnerability. Automated scanning tools or manual testing using web proxies (e.g., Burp Suite) can be used to inject and monitor such payloads. Specific commands depend on the tools used, but a simple curl command to submit a payload might look like: curl -X POST -d "title=<script>alert('test')</script>" 'http://your-notescms-site/index.php?route=categories' (the URL is quoted so the shell does not treat the ? as a glob character). Then, accessing the page in a browser to check for script execution confirms detection. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the NotesCMS application to the fixed version that includes commit 95322c5121dbd7070f3bd54f2848079654a0a8ea dated 2025-03-31, which addresses the stored XSS vulnerability. If updating is not immediately possible, apply input validation and output encoding to the user input handled on the /index.php?route=categories page, especially the title field of service descriptions, to prevent malicious script injection. Additionally, consider implementing Web Application Firewall (WAF) rules to block common XSS payloads and monitor for suspicious activity. Educate users and administrators about the risk, and have them avoid clicking on suspicious links until the patch is applied. [2]
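
The output-encoding and input-validation steps described above, shown as an added example. It is not NotesCMS code and not the code of the fixing commit. The function names, the row layout and the markup are hypothetical, and the sample titles are constructed.

```php
<?php
declare(strict_types=1);

// Constructed sample rows standing in for stored titles (hypothetical schema).
// Row 2 holds the test payload quoted earlier on this page.
$rows = [
    ['id' => 1, 'title' => 'Tom\'s "quick" notes & tips'],
    ['id' => 2, 'title' => "<script>alert('test')</script>"],
];

// Vulnerable pattern: the stored value is concatenated into HTML unchanged.
function render_title_unsafe(array $row): string
{
    return '<li title="' . $row['title'] . '">' . $row['title'] . '</li>';
}

// Output encoding for HTML text and quoted-attribute contexts.
// ENT_QUOTES covers both quote characters; ENT_SUBSTITUTE replaces invalid
// UTF-8 instead of returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_title_safe(array $row): string
{
    return '<li title="' . e($row['title']) . '">' . e($row['title']) . '</li>';
}

// Input validation as a second layer at write time: bounded length, no
// angle brackets or control characters. It does not replace e() on output,
// because rows stored before the check was added are still in the database.
function is_acceptable_title(string $title): bool
{
    return $title !== '' && strlen($title) <= 200
        && preg_match('/[<>\x00-\x1F\x7F]/', $title) === 0;
}

foreach ($rows as $row) {
    // Regression check: the encoded value must not contain a raw tag opener.
    $clean = strpos(e($row['title']), '<') === false;
    printf(
        "id=%d accepted_on_write=%s encoded_clean=%s\n  unsafe: %s\n  safe:   %s\n",
        $row['id'],
        var_export(is_acceptable_title($row['title']), true),
        var_export($clean, true),
        render_title_unsafe($row),
        render_title_safe($row)
    );
}
```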

