Reverse Tabnabbing Vulnerability in FeehiCMS by Feehi
CVE-2025-63522

4.6MEDIUM

Key Information:

Vendor: Feehi
Status: FeehiCMS
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-63522?

A Reverse Tabnabbing vulnerability exists in FeehiCMS version 2.1.1 within the Comments Management function. This flaw can potentially allow malicious actors to hijack the user's browsing session by changing the URL of the referring tab, leading to an increased risk of phishing attacks. It necessitates immediate attention to mitigate associated risks and enhance user security.

References

https://github.com/liufee/cms/issues/76

https://github.com/kiwi865/CVEs/blob/main/CVE-2025-63522.md

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Oct 27, 2025

CVE-2025-63522 Data

JSON