CVE-2025-60452 in MetInfo

Summary

by MITRE • 10/03/2025

A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the download management module, specifically in the app\system\download\admin\download_admin.class.php component. The vulnerability allows attackers to upload malicious SVG files containing JavaScript code that executes when the uploaded file is viewed or accessed by users.


Analysis

by VulDB Data Team • 10/03/2025

The stored cross-site scripting vulnerability in MetInfo CMS version 8.0 represents a significant security risk that exploits improper input validation and output sanitization within the download management module. This vulnerability specifically resides in the app\system\download\admin\download_admin.class.php component, where the system fails to adequately validate or sanitize file uploads, particularly SVG files that can contain embedded JavaScript code. The flaw allows attackers to execute malicious scripts in the context of a victim's browser when they access or view the uploaded malicious files, creating a persistent threat that can affect all users who interact with the compromised download functionality.

The technical root of this vulnerability is inadequate security controls in the file upload validation process. When users upload files through the download management interface, the system does not properly filter or sanitize SVG file content to prevent the execution of embedded JavaScript payloads. This weakness aligns with CWE-79, which specifically addresses cross-site scripting vulnerabilities, and demonstrates a failure in input validation and output encoding practices. The vulnerability is classified as stored XSS because the malicious code is permanently stored on the server and executed whenever legitimate users access the affected download files, making it particularly dangerous: it can affect multiple users over time rather than being limited to a single session or request.

The operational impact of this vulnerability extends beyond simple script execution, as it provides attackers with the capability to perform session hijacking, steal sensitive user data, redirect users to malicious websites, or even execute further attacks through the compromised user sessions. The attack vector is particularly concerning because SVG files are commonly used for images and are often considered safe for upload, making the vulnerability more difficult to detect and prevent. This weakness creates a persistent threat that can be exploited by attackers who gain access to the download management functionality, potentially allowing them to compromise user sessions and escalate privileges within the CMS environment. The vulnerability also impacts the integrity and availability of the web application by enabling unauthorized modifications to user sessions and potentially leading to complete system compromise.

Security mitigations for this vulnerability should focus on implementing comprehensive input validation and output sanitization measures within the download management module. Organizations should immediately implement proper file type validation that rejects SVG files containing JavaScript code or strips all script elements from uploaded SVG files before storage. The system should employ content security policies that prevent script execution in downloaded files and implement proper output encoding when displaying file information to users. Additionally, access controls should be strengthened to ensure that only authorized administrators can upload files through the download management interface, and regular security audits should be conducted to identify similar vulnerabilities in other components of the CMS. This vulnerability highlights the importance of following secure coding practices and implementing defense-in-depth strategies as recommended by the ATT&CK framework, particularly in the context of web application security and file upload validation controls.
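One way to implement the upload-time check described above, as an added example that is not MetInfo's own code: a PHP 8 function an upload handler could call before storing a file, with constructed sample inputs. The function name, parser flags and inputs are this example's assumptions, not code from the advisory or the project.

```php
<?php
// Added example, not MetInfo's own code: reject an uploaded SVG that carries
// active content before a download/upload handler stores it. Assumes PHP 8.
// svg_has_active_content() is a constructed helper name.

function svg_has_active_content(string $svg): bool
{
    if ($svg === '') {
        return true;
    }
    $doc = new DOMDocument();
    $prev = libxml_use_internal_errors(true);
    // LIBXML_NONET: no network fetches while parsing; LIBXML_NOENT is deliberately
    // not set, so entity references are not expanded (no XXE through the checker).
    $ok = $doc->loadXML($svg, LIBXML_NONET | LIBXML_NOBLANKS);
    libxml_use_internal_errors($prev);
    // Unparseable input or a non-<svg> root is rejected rather than trusted.
    if (!$ok || $doc->documentElement === null
        || strtolower($doc->documentElement->localName) !== 'svg') {
        return true;
    }
    $xp = new DOMXPath($doc);
    // Elements that execute script or embed foreign markup, in any namespace.
    foreach (['script', 'foreignObject', 'iframe', 'embed', 'object'] as $tag) {
        if ($xp->query("//*[local-name()='$tag']")->length > 0) {
            return true;
        }
    }
    // Any on* event-handler attribute (onload, onclick, onbegin, ...).
    $handlers = "//@*[starts-with(translate(local-name(), 'ON', 'on'), 'on')]";
    if ($xp->query($handlers)->length > 0) {
        return true;
    }
    // href / xlink:href values that would run script or smuggle in a document.
    foreach ($xp->query("//@*[local-name()='href']") as $attr) {
        $value = strtolower(preg_replace('/\s+/', '', $attr->nodeValue));
        if (str_starts_with($value, 'javascript:') || str_starts_with($value, 'data:')) {
            return true;
        }
    }
    return false;
}

// Constructed sample inputs for a quick self-check.
$benign = '<svg xmlns="http://www.w3.org/2000/svg"><rect width="8" height="8"/></svg>';
$hostile = '<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"><rect/></svg>';
var_dump(svg_has_active_content($benign));
var_dump(svg_has_active_content($hostile));
```

A deny-list like this is only a first gate; pair it with serving stored uploads under `Content-Disposition: attachment` and a restrictive `Content-Security-Policy`, which removes the in-browser execution path the advisory describes.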

Responsible: MITRE
Reservation: 09/26/2025
Disclosure: 10/03/2025
Moderation: accepted
CPE: ready
EPSS: 0.00208
KEV: no
Activities: very low
