CVE-2025-56252
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-09-20

Assigner: MITRE

Description
Cross Site Scripting (xss) vulnerability in ServitiumCRM 2.10 allowing attackers to execute arbitrary code via a crafted URL to the mobile parameter.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-09-20
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-14
NVD
CVE-2025-56252
EUVD
EUVD-2025-29196
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pathinfotech servitiumcrm 2.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-56252 is a critical Reflected Cross-Site Scripting (XSS) vulnerability in ServitiumCRM 2.10. It occurs because the 'mobile' parameter in the web interface does not properly sanitize or encode user input before reflecting it back on the page. Attackers can craft malicious URLs containing JavaScript code that executes in the victim's browser when clicked, allowing unauthorized script execution within the context of the ServitiumCRM domain. [1]

Impact Analysis

This vulnerability can lead to session hijacking, credential theft, phishing attacks, browser exploitation, and application defacement. Attackers can steal authentication cookies, capture login credentials via fake prompts, redirect users to malicious websites, or inject keyloggers by distributing malicious URLs through phishing emails or social media. Once a victim interacts with such a URL, the injected scripts run with the permissions of the ServitiumCRM domain, compromising sensitive data and user accounts. [1]

Detection Guidance

This vulnerability can be detected by testing the 'mobile' parameter in the ServitiumCRM web interface for reflected Cross-Site Scripting (XSS). You can craft URLs with payloads such as mobile=\"><img src=x onerror=prompt(1)> and observe if the JavaScript executes in the browser. Using tools like curl or wget to send requests with such payloads and analyzing the response for reflected scripts can help detect the issue. For example, you can use: curl -v 'http://target/servitiumcrm?mobile=\"><img src=x onerror=prompt(1)>' and check if the payload is reflected unencoded in the response body. Additionally, web vulnerability scanners that test for reflected XSS can be used to automate detection. [1]

Mitigation Strategies

Immediate mitigation steps include implementing strict input validation and sanitization on the 'mobile' parameter using a whitelist approach, and ensuring proper output encoding of all reflected user inputs. Deploying a restrictive Content Security Policy (CSP) to block unauthorized scripts is recommended. Additionally, set HTTP-only and Secure flags on session cookies to prevent JavaScript access. Conduct user awareness training on phishing and social engineering, and perform regular security audits and penetration testing to identify and remediate vulnerabilities. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-56252. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart