CVE-2025-66492
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-12

Last updated on: 2025-12-22

Assigner: GitHub, Inc.

Description
Masa CMS is an open source Enterprise Content Management platform. Versions 7.2.8 and below, 7.3.1 through 7.3.13, 7.4.0-alpha.1 through 7.4.8 and 7.5.0 through 7.5.1 are vulnerable to XSS when an unsanitized value of the ajax URL query parameter is directly included within the <head> section of the HTML page. An attacker can execute arbitrary scripts in the context of the user's session, potentially leading to Session Hijacking, Data Theft, Defacement and Malware Distribution. This issue is fixed in versions 7.5.2, 7.4.9, 7.3.14, and 7.2.9. To work around this issue, configure a Web Application Firewall (WAF) rule (e.g., ModSecurity) to block requests containing common XSS payload characters in the ajax query parameter. Alternatively, implement server-side sanitization using middleware to strip or escape dangerous characters from the ajax parameter before it reaches the vulnerable rendering logic.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-12
Last Modified
2025-12-22
Generated
2026-06-16
AI Q&A
2025-12-12
EPSS Evaluated
2026-06-14
NVD
CVE-2025-66492
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
masacms masacms to 7.2.9 (exc)
masacms masacms From 7.3.1 (inc) to 7.3.14 (exc)
masacms masacms From 7.4.0 (inc) to 7.4.9 (exc)
masacms masacms From 7.5.0 (inc) to 7.5.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Cross-Site Scripting (XSS) issue in Masa CMS versions 7.2.8 and below, 7.3.1 through 7.3.13, 7.4.0-alpha.1 through 7.4.8, and 7.5.0 through 7.5.1. It occurs because an unsanitized value of the ajax URL query parameter is directly included within the <head> section of the HTML page. This allows an attacker to inject and execute arbitrary scripts in the context of the user's session.

Impact Analysis

The vulnerability can lead to several serious impacts including Session Hijacking, Data Theft, Defacement, and Malware Distribution by allowing attackers to execute arbitrary scripts within the user's session context.

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests to the Masa CMS application for the presence of the ajax URL query parameter containing common XSS payload characters. You can use network traffic inspection tools or web server logs to identify suspicious requests. For example, using command-line tools like grep on web server logs to search for suspicious ajax parameter values or using tools like curl or wget to test the ajax parameter with typical XSS payloads. Specific commands are not provided in the available information.

Mitigation Strategies

Immediate mitigation steps include configuring a Web Application Firewall (WAF) rule, such as with ModSecurity, to block requests containing common XSS payload characters in the ajax query parameter. Alternatively, implement server-side sanitization using middleware to strip or escape dangerous characters from the ajax parameter before it reaches the vulnerable rendering logic. Additionally, upgrading Masa CMS to fixed versions 7.5.2, 7.4.9, 7.3.14, or 7.2.9 will resolve the issue.

Compliance Impact

The vulnerability allows attackers to execute arbitrary scripts in the context of a user's session, potentially leading to session hijacking and data theft. Such unauthorized access and data compromise could result in violations of data protection regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive information. Therefore, if exploited, this vulnerability could negatively impact compliance with these standards by exposing protected data and failing to ensure adequate security controls. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66492. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart