CVE-2025-12289
BaseFortify
Publication date: 2025-10-27
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sui_shang_information_technology | suishang_enterprise-level_b2b2c_multi-user_mall_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a reflected Cross-Site Scripting (XSS) flaw in the Suishang Enterprise-Level B2B2C Multi-User Mall System version 1.0. It occurs because the system does not properly sanitize the 'category_id' parameter in the URL path '/Point/index/activity_state/1/category_id/1001'. An attacker can inject malicious JavaScript code into this parameter, which is then reflected back and executed in the victim's browser when they visit a crafted URL. This allows attackers to run arbitrary scripts remotely without authentication, potentially leading to session hijacking, defacement, or other malicious actions. [1, 2, 3]
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow attackers to execute arbitrary JavaScript in the context of users visiting the affected system. This can lead to session hijacking, allowing attackers to impersonate users, steal sensitive information, perform actions on behalf of authenticated users, or conduct phishing attacks. It can also result in website defacement or other malicious activities that compromise the integrity of the system and user trust. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP GET requests to the vulnerable endpoint `/Point/index/activity_state/1/category_id/1001` with malicious payloads in the `category_id` or `key_type` parameters and observing if the payload is reflected in the response without proper sanitization. Example payloads include strings containing script tags such as `<ScRiPt>alert(9531)</ScRiPt>`. You can use tools like curl or wget to test this. For example, a curl command to test might be: `curl -i 'http://target/Point/index/activity_state/1/category_id/1%22%3E%3Cscript%3Ealert(1)%3C/script%3E'` and check if the response contains the injected script. Additionally, web vulnerability scanners that test for reflected XSS can be used to automate detection. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Implement input sanitization on the server side to validate and reject inputs containing HTML or JavaScript syntax, allowing only safe characters such as alphanumerics and specific symbols. 2) Apply output encoding to user-supplied data before rendering it in HTML, converting special characters like `<`, `>`, and `"` to their HTML entities. 3) Deploy a strict Content Security Policy (CSP) header to restrict script execution, for example: `Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self';`. Since no patches or fixes are currently available and the vendor has not responded, consider replacing the affected product with an alternative solution to avoid exposure. [2, 1]