CVE-2025-70792
Cross-Site Scripting in Microweber 2.0.19 Admin Endpoint
Publication date: 2026-02-05
Last updated on: 2026-02-10
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microweber | microweber | 2.0.19 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-70792 is a reflected Cross-Site Scripting (XSS) vulnerability in Microweber version 2.0.19, specifically in the "/admin/category/create" endpoint.
The "rel_id" URL parameter is placed into the response without proper sanitization or output encoding, so an attacker can craft a URL whose "rel_id" value carries JavaScript.
Because the endpoint sits under "/admin", the victim has to be a logged-in administrator: if one opens the crafted URL, the injected script executes in their browser within the admin session, potentially allowing unauthorized actions or data exposure.
The issue was reported to the developers and fixed in Microweber version 2.0.20. [1]
How can this vulnerability impact me?
This vulnerability allows an attacker to execute arbitrary JavaScript in the browser of an administrator who visits a maliciously crafted URL.
Such code execution can lead to actions being performed with the administrator's privileges, or to exposure of sensitive data the admin can reach, including anything the admin interface exposes on that page. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The quickest check is the installed version: an instance reporting 2.0.19 should be treated as affected and upgraded to 2.0.20.
To confirm directly, test the "/admin/category/create" endpoint of Microweber 2.0.19 for improper sanitization of the "rel_id" parameter: while logged in as an administrator on a test system, craft a URL with a JavaScript payload in "rel_id" and observe whether the script executes in the browser. For example:
- http://localhost/admin/category/create?category_subtype=default&data_type=category&id=0&is_hidden=1&parent=blog&parent_id=0&rel_id=%22%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&rel_type=content
The "rel_id" value decodes to "><script>alert(1);</script>; the leading "> suggests the value is reflected inside a quoted HTML attribute, which the payload closes before injecting a script element. If an alert popup appears immediately upon visiting this URL, the Cross-Site Scripting vulnerability is present. A benign marker such as "><xsstest> serves as well as alert(1): if it shows up unencoded in the raw HTML of the response, the parameter is reflected unsafely, and that check needs no browser.
To reproduce safely, clone the Microweber repository at version 2.0.19, build and run the application using Docker, and visit the crafted URL there rather than on a production instance. [1]
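Two non-interactive versions of the check above, as an added example that is not part of the advisory and not Microweber code: an active probe that sends a harmless canary in "rel_id" and classifies how the raw response reflects it (verbatim, HTML-encoded, or not at all), and an access-log hunt that flags requests to the endpoint whose decoded "rel_id" carries HTML metacharacters. The sample log lines and response bodies are constructed for illustration, the attribute-reflection shape is inferred from the PoC payload rather than taken from the page, and probe_live() is the only function that touches the network.

```python
"""Added example, not from the advisory or the Microweber project.

Runs offline on constructed sample data; probe_live() is the only network
call and is never invoked in this file.
"""
import html
import re
from urllib.parse import parse_qs, unquote, urlencode, urlsplit

ENDPOINT = "/admin/category/create"

# Query parameters copied from the advisory's PoC URL, minus rel_id.
BASE_PARAMS = {
    "category_subtype": "default", "data_type": "category", "id": "0",
    "is_hidden": "1", "parent": "blog", "parent_id": "0", "rel_type": "content",
}

# Harmless canary: same attribute break-out prefix ("> ) as the PoC payload,
# but the tag it opens does nothing even when reflected raw.
CANARY = '"><xsscanary>'


def build_probe_url(base_url: str, canary: str = CANARY) -> str:
    """Full probe URL with the canary URL-encoded into rel_id."""
    params = dict(BASE_PARAMS, rel_id=canary)
    return base_url.rstrip("/") + ENDPOINT + "?" + urlencode(params)


def classify_reflection(body: str, canary: str = CANARY) -> str:
    """'vulnerable' = canary reflected verbatim (2.0.19 behaviour),
    'escaped' = only as &quot;&gt;&lt;xsscanary&gt; (what a fix should do),
    'absent' = not reflected at all."""
    if canary in body:
        return "vulnerable"
    if html.escape(canary, quote=True) in body:
        return "escaped"
    return "absent"


def probe_live(base_url: str, session_cookie: str, canary: str = CANARY) -> str:
    """Send the probe as an authenticated admin (the endpoint is admin-only)
    and classify the reflection.  Network call; not used below."""
    from urllib.request import Request, urlopen
    req = Request(build_probe_url(base_url, canary), headers={"Cookie": session_cookie})
    with urlopen(req, timeout=10) as resp:
        return classify_reflection(resp.read().decode("utf-8", "replace"), canary)


# --- log hunting -----------------------------------------------------------
# Any of these inside rel_id can close an HTML attribute or open a tag.
HTML_META = re.compile(r'[<>"\']')
# Combined log format: ip ident user [ts] "METHOD target proto" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')


def rel_id_is_suspicious(request_target: str) -> bool:
    """True for a request to the endpoint whose rel_id carries HTML
    metacharacters.  parse_qs decodes once; unquote() again so a
    double-encoded payload (%2522%253E...) is caught too."""
    parts = urlsplit(request_target)
    if parts.path != ENDPOINT:
        return False
    return any(HTML_META.search(unquote(v))
               for v in parse_qs(parts.query).get("rel_id", []))


def scan_access_log(lines):
    """(ip, timestamp, request_target) for every suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and rel_id_is_suspicious(m["path"]):
            hits.append((m["ip"], m["ts"], m["path"]))
    return hits


# Constructed sample data (not captured from a real system).
POC_TARGET = ("/admin/category/create?category_subtype=default&data_type=category"
              "&id=0&is_hidden=1&parent=blog&parent_id=0"
              "&rel_id=%22%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&rel_type=content")
SAMPLE_LOG = [
    f'203.0.113.7 - - [05/Feb/2026:10:12:01 +0000] "GET {POC_TARGET} HTTP/1.1" 200 5120',
    '198.51.100.2 - - [05/Feb/2026:10:13:44 +0000] '
    '"GET /admin/category/create?rel_id=12&rel_type=content HTTP/1.1" 200 5001',
    '198.51.100.2 - - [05/Feb/2026:10:14:09 +0000] '
    '"GET /index.php?rel_id=%3Cb%3E HTTP/1.1" 200 3100',
]
# Reflection shape the PoC implies (assumed): rel_id inside a quoted attribute.
VULNERABLE_BODY = f'<input name="rel_id" value="{CANARY}">'
FIXED_BODY = f'<input name="rel_id" value="{html.escape(CANARY, quote=True)}">'

if __name__ == "__main__":
    print(build_probe_url("http://localhost"))
    print(classify_reflection(VULNERABLE_BODY), classify_reflection(FIXED_BODY))
    for hit in scan_access_log(SAMPLE_LOG):
        print("suspicious:", *hit)
```

The probe deliberately avoids alert(1): an "escaped" result on a patched instance is as informative as a "vulnerable" one on 2.0.19, and the raw-response check works from a script or curl without a browser. The log scan matches on attribute break-out characters rather than the literal PoC string, so variants of the payload are caught as well.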
What immediate steps should I take to mitigate this vulnerability?
Upgrade Microweber from version 2.0.19 to 2.0.20 or later, where the issue has been fixed. This is the only complete remedy: the root cause (CWE-79) is missing output encoding of "rel_id", and nothing short of the upstream fix corrects it.
Until the upgrade can be performed, administrators should avoid opening URLs that point at "/admin/category/create" with unexpected "rel_id" values, especially links received by e-mail or chat, since the attack only works while they are logged in.
As an interim control, web application firewall (WAF) rules can block requests to that endpoint whose "rel_id" contains script tags or other JavaScript payloads. Key the rule on the attribute break-out characters (", <, >) rather than on the literal string <script>: a signature for one payload is bypassed by event-handler attributes or alternative encodings, and a WAF only reduces exposure until the upgrade is in place. [1]
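A ModSecurity rule pair illustrating the interim WAF control described above, as an added example that is neither the advisory's nor the Microweber project's: the first (commented out) shows the weak signature approach, the second denies requests to the endpoint whose "rel_id" carries HTML metacharacters after an extra decoding pass. Rule ids 900100 and 900101 are placeholders for a local id range, and the rules have not been tested against a live ModSecurity install.

```apacheconf
# Added example, not the advisory's or Microweber's; ids are placeholders.

# Weak: a signature for the literal PoC string.  "><img src=x onerror=...>
# or a differently encoded "<script" walks straight past it.
# SecRule ARGS_GET:rel_id "@contains <script>" "id:900100,phase:1,deny,status:403"

# Interim virtual patch for CVE-2025-70792: deny a request to the
# category-create endpoint when rel_id contains any character that can close
# an HTML attribute or open a tag, whatever payload follows.  The chained
# rule decodes once more so double-encoded values are caught as well.
SecRule REQUEST_URI "@beginsWith /admin/category/create" "id:900101,phase:1,deny,status:403,log,msg:'CVE-2025-70792 interim block: HTML metacharacters in rel_id',chain"
    SecRule ARGS_GET:rel_id "@rx [<>\"']" "t:none,t:urlDecodeUni,t:htmlEntityDecode"
```

The PoC uses numeric values for the neighbouring id parameters; if "rel_id" is confirmed to be numeric in your deployment, an allowlist that rejects anything not matching ^[0-9]*$ is tighter still. Either way, remove the rule once 2.0.20 is deployed so it does not mask regressions in later testing.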