CVE-2025-11332
BaseFortify
Publication date: 2025-10-06
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cmseasy | cmseasy | From 7.0 (inc) to 7.7.7.0 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-11332 is a cross-site scripting (XSS) vulnerability in CmsEasy versions up to 7.7.7, specifically in the URL handler component in lib/inc/view.php. It occurs because the PHP_SELF argument is not properly sanitized or encoded before being output to the user's browser, allowing attackers to inject malicious scripts. These scripts execute in the context of other users' browsers, potentially leading to unauthorized actions. Exploitation can be done remotely and requires some user interaction. [1, 2, 3]
How can this vulnerability impact me?
Exploitation of this vulnerability can lead to session hijacking by stealing cookies and session tokens, website defacement, phishing attacks through injected malicious content, or redirection to malicious sites. This poses severe risks to user security and data privacy, potentially compromising the integrity of the application and the safety of its users. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by searching for the presence of the vulnerable file lib/inc/view.php in CmsEasy versions up to 7.7.7, and by testing the PHP_SELF parameter for improper sanitization. One detection method is using Google dorking with the query inurl:lib/inc/view.php to identify potentially vulnerable targets. Additionally, you can test the URL by injecting a payload such as: http://your_ip/index.php/" > %3Cimg%20src=x%20onerror=alert%601%60%3E?case=user&act=login to see if the script executes, indicating vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
1) Implement context-aware output encoding to properly encode all user-supplied data before rendering it in HTML output, especially the PHP_SELF parameter, using HTML entity encoding for special characters.
2) Enforce strict input validation to reject any input containing HTML or script tags where inappropriate.
3) Deploy a strict Content Security Policy (CSP) to restrict script execution and resource loading to trusted sources.
Since no official vendor patch is available, consider replacing CmsEasy with an alternative product to avoid exposure. [2, 1]
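The encoding and CSP steps above, as an added PHP example that is not CmsEasy code and not taken from the advisory's sources. The function names (`h`, `form_before`, `safe_self`, `form_after`, `csp_header`) are hypothetical, the "before" pattern is an assumed illustration because the page does not show the source of lib/inc/view.php, and the request data is constructed.

```php
<?php
declare(strict_types=1);
// Added illustration. All function names are hypothetical; this is not CmsEasy source.

/** HTML-encode a value for use in element text or a quoted attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Assumed vulnerable pattern: PHP_SELF written into an attribute unencoded. */
function form_before(array $server): string
{
    return '<form method="post" action="' . $server['PHP_SELF'] . '">';
}

/**
 * PHP_SELF is SCRIPT_NAME plus the client-supplied PATH_INFO, so anything
 * after "/index.php/" in the request ends up in it. SCRIPT_NAME carries
 * only the script path; allow-list it and fall back to a fixed value.
 */
function safe_self(array $server): string
{
    $script = (string) ($server['SCRIPT_NAME'] ?? '');
    $ok = preg_match('#^/(?:[A-Za-z0-9_-]+/)*[A-Za-z0-9_-]+\.php$#', $script) === 1;
    return $ok ? $script : '/index.php';
}

/** Hardened form: no PATH_INFO, and the whole URL is encoded for the attribute. */
function form_after(array $server): string
{
    return '<form method="post" action="' . h(safe_self($server) . '?case=user&act=login') . '">';
}

/** Strict CSP as defence in depth: no inline scripts or event handlers. */
function csp_header(): string
{
    return "Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";
}

// Constructed request data: harmless markup placed in the path info.
$server = [
    'SCRIPT_NAME' => '/index.php',
    'PHP_SELF'    => '/index.php/"><b>injected</b>',
];

echo form_before($server), PHP_EOL; // markup from the path info reaches the page as-is
echo form_after($server), PHP_EOL;  // path info dropped, remaining URL entity-encoded
echo csp_header(), PHP_EOL;
```

Run it with the PHP CLI to compare the two form tags; in a web context the CSP string would be sent with `header()` before any output.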