CVE-2025-60298
BaseFortify
Publication date: 2025-10-08
Last updated on: 2025-10-10
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xxyopen | novel-plus | up to 5.2.4 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-60298 is a Stored Cross-Site Scripting (XSS) vulnerability in Novel-Plus versions up to 5.2.4. It occurs via the /author/updateIndexName endpoint, where authenticated attackers can inject malicious JavaScript code into the indexName parameter. This malicious code is stored in the database and executed whenever other users view the affected book chapter listing. The vulnerability exists because this endpoint is not included in the application's XSS filter configuration, allowing the injected scripts to bypass sanitization and execute in users' browsers. [1]
How can this vulnerability impact me?
This vulnerability can have serious impacts including session hijacking, account takeover, phishing, data theft, privilege escalation, and malware distribution. Since the malicious script executes in the context of any user viewing the affected chapter list, attackers can steal session cookies, hijack accounts, redirect users to malicious sites, or perform unauthorized actions on behalf of users. The attack requires the attacker to be authenticated as an author but can affect all users who view the compromised content. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for POST requests to the /author/updateIndexName endpoint containing suspicious or malicious JavaScript code in the indexName parameter. For example, you can use network traffic inspection tools or web server logs to identify such requests. A simple detection command using curl to test the vulnerability could be:

```bash
curl -X POST -d "indexName=<script>alert('XSS')</script>" https://your-novel-plus-domain/author/updateIndexName -b cookie.txt
```

where cookie.txt contains authentication cookies for an author account. Additionally, inspecting database entries for stored scripts in the indexName field or reviewing application logs for unusual input patterns can help detect exploitation attempts. [1]
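The database and request checks described in this answer can be scripted. The following is an added example, not code from the advisory or from Novel-Plus: it flags indexName values that carry script-capable markup, both in rows exported from the database and in logged form-encoded request bodies. The rule names, the export format of (chapter id, title) pairs and the sample rows are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import parse_qs, unquote_plus

ENDPOINT = "/author/updateIndexName"  # endpoint named in the advisory text

# Heuristic markers of script-capable markup, not a complete XSS grammar.
RULES = {
    "html-tag": re.compile(r"<[a-z/!]", re.I),
    "event-handler": re.compile(r"\bon[a-z]+\s*=", re.I),
    "script-uri": re.compile(r"\b(?:javascript|vbscript)\s*:", re.I),
}

def normalize(value):
    """Undo up to three layers of percent/entity encoding so encoded attempts show up."""
    for _ in range(3):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def flag_index_name(value):
    """Return the names of the rules a chapter title (indexName) trips."""
    text = normalize(value)
    return [name for name, rx in RULES.items() if rx.search(text)]

def scan_rows(rows):
    """rows: (chapter_id, index_name) pairs exported from the database (assumed format)."""
    return {cid: hits for cid, name in rows if (hits := flag_index_name(name))}

def scan_request(method, path, body):
    """Check one logged form-encoded request; only POSTs to ENDPOINT count."""
    if method.upper() != "POST" or path.split("?")[0] != ENDPOINT:
        return []
    values = parse_qs(body, keep_blank_values=True).get("indexName", [])
    return sorted({hit for value in values for hit in flag_index_name(value)})

# Constructed sample rows (not from a real deployment).
SAMPLE_ROWS = [
    (101, "Chapter 1: The Storm"),
    (102, "Chapter 2: why 1 < 2"),
    (103, "<script>alert('XSS')</script>"),
    (104, "%3Cimg src=x onerror=alert(1)%3E"),
]

if __name__ == "__main__":
    for chapter_id, hits in scan_rows(SAMPLE_ROWS).items():
        print(chapter_id, hits)
```

Entity-encoded or percent-encoded values are reported as well, even though they render inertly, because they still record an injection attempt worth reviewing.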
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to add the /author/updateIndexName endpoint to the XSS filter's urlPatterns configuration in the application.yml file of the novel-front module. This ensures that inputs to this endpoint are properly sanitized to prevent malicious script injection. Until a patch is applied, restrict author access to this endpoint or monitor and block suspicious POST requests to it. Applying input validation and output encoding on the indexName parameter will also help mitigate the risk. [1]