DOM Based XSS Vulnerability in YesWiki Wiki System
CVE-2025-24017

7.6HIGH

Key Information:

Vendor
Yeswiki
Status
Yeswiki
Vendor
CVE Published:
21 January 2025

What is CVE-2025-24017?

CVE-2025-24017 is a vulnerability identified in the YesWiki Wiki System, a PHP-based application designed for collaborative content creation. This vulnerability allows an attacker to execute a DOM-based cross-site scripting (XSS) attack, which can be triggered when a user clicks on a maliciously crafted link. The flaw arises due to improper sanitization of user input when the search by tag feature reflects invalid tags on the page. Exploiting this vulnerability can significantly undermine organizational security, allowing unauthorized parties to gain access to user accounts, manipulate content, and extract sensitive information.

Technical Details

The vulnerability exists in versions of YesWiki up to and including 4.4.5. When a tag that does not exist is searched, the application does not sanitize this input correctly on the server side, leading to the reflection of this unsanitized input back to the client browser. If a user clicks on a crafted link containing such a tag, the XSS vulnerability can be exploited. This allows attackers to execute arbitrary JavaScript code in the context of the users' sessions within YesWiki, compromising user sessions and the integrity of the content managed within the platform. Version 4.5.0 has been patched to resolve this issue.

Potential impact of CVE-2025-24017

  1. Account Takeover: By exploiting this vulnerability, an attacker can gain control over user accounts. This could lead to unauthorized access to confidential data and administrative functions within the YesWiki system.

  2. Data Theft and Manipulation: Attackers can extract sensitive user data, such as email addresses and personal information, or modify existing content, which can lead to misinformation being disseminated within the organization.

  3. Compromised System Integrity: The ability to execute arbitrary scripts could allow attackers to inject malicious code or conduct further attacks within the system, jeopardizing the overall integrity and availability of the YesWiki instance.

Affected Version(s)

yeswiki < 4.5.0

References

https://github.com/YesWiki/yeswiki/security/advisories/GH...
x_refsource_CONFIRM
https://github.com/YesWiki/yeswiki/commit/c1e28b593949579...
x_refsource_MISC

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.