CVE-2025-63551
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-06

Last updated on: 2026-02-04

Assigner: MITRE

Description
A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management System (CMS) thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the server to initiate an HTTP request to an arbitrary internal or external network address. Successful exploitation could lead to internal network reconnaissance, port scanning, or the retrieval of sensitive information. The vulnerability may be present in the backend API called by or associated with the path `/admin/#/webset/?head_tab_active=0`, where user-provided XML data is processed.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-06
Last Modified
2026-02-04
Generated
2026-06-16
AI Q&A
2025-11-06
EPSS Evaluated
2026-06-15
NVD
CVE-2025-63551
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
metinfo metinfo to 8.1 (inc)
metinfo content_management_system *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-611 The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Server-Side Request Forgery (SSRF) caused by an XML External Entity (XXE) injection in the MetInfo CMS up to version 8.1. It occurs due to a flaw in the XML parsing logic, allowing an attacker to craft a malicious XML entity that makes the server send HTTP requests to arbitrary internal or external network addresses. This happens when user-provided XML data is processed, particularly in the backend API related to the path /admin/#/webset/?head_tab_active=0.

Impact Analysis

Exploiting this vulnerability can allow an attacker to perform internal network reconnaissance, port scanning, or retrieve sensitive information from the server or internal network. This can lead to unauthorized access to internal resources, exposure of confidential data, and potentially further attacks within the network.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-63551. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart