CVE-2025-15374
Unknown Unknown - Not Provided
Cross-Site Scripting in EyouCMS Ask Module Allows Remote Attack

Publication date: 2025-12-31

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. Performing a manipulation of the argument content results in cross site scripting. The attack can be initiated remotely. The exploit is now public and may be used. The vendor is "[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8".
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-31
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-31
EPSS Evaluated
2026-06-15
NVD
CVE-2025-15374
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
eyoucms eyoucms 1.7.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-15374 is a Stored Cross-Site Scripting (XSS) vulnerability in EyouCMS versions up to 1.7.7, specifically in the Ask Module. It occurs because user-supplied content is improperly handled: the application uses the PHP function htmlspecialchars_decode() when rendering stored content, which reverses HTML entity encoding and allows malicious scripts to execute in other users' browsers. Authenticated attackers can inject malicious JavaScript payloads into question titles, content, answers, or replies. When other users view these pages, the scripts execute, potentially leading to security risks such as session hijacking or privilege escalation. [1, 2, 3]

Impact Analysis

This vulnerability can impact you by allowing attackers to execute malicious scripts in the browsers of users who view the affected content. Potential impacts include session hijacking through cookie theft, credential theft via fake forms, malware distribution by redirecting users, website defacement, and privilege escalation by performing actions as other users. The attack requires an authenticated user to inject the malicious payload and user interaction for the script to execute. [2, 3]

Detection Guidance

This vulnerability can be detected by checking for the presence of the vulnerable Ask.php file in EyouCMS versions up to 1.7.7 and by searching for suspicious user input containing script tags or other XSS payloads in the Ask module content fields. Attackers can identify vulnerable targets using Google dorking with the query: inurl:application/home/model/Ask.php. Additionally, you can monitor HTTP requests and responses for injected scripts in the content argument of the Ask module. There are no specific commands provided, but using web application scanners or manual inspection of the Ask module's input fields for XSS payloads such as <script>alert('XSS')</script> can help detect exploitation attempts. [1, 2]

Mitigation Strategies

Immediate mitigation steps include updating EyouCMS to version 1.7.8 or later where the vulnerability is fixed. If updating is not immediately possible, apply input sanitization by removing the use of htmlspecialchars_decode() on output, use an HTML sanitization library like HTML Purifier to clean user input before storage or output, implement a Content Security Policy (CSP) header to restrict script sources (e.g., header("Content-Security-Policy: script-src 'self'")), and perform input validation to strip dangerous HTML tags. These steps reduce the risk of malicious script execution and protect users from XSS attacks. [2]

Compliance Impact

This vulnerability enables cross-site scripting (XSS) attacks that can lead to session hijacking, credential theft, and unauthorized actions by attackers. Such security breaches can compromise the confidentiality and integrity of user data, potentially violating data protection regulations like GDPR and HIPAA that require safeguarding personal and sensitive information. Therefore, failure to remediate this vulnerability may result in non-compliance with these standards due to inadequate protection against unauthorized data access and manipulation. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15374. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart