CVE-2025-46549
published 2025-04-29CVE-2025-46549: YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an…
PriorityP336medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
0.50%
38.9th percentile
YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yeswiki | yeswiki | < 4.5.4 | 4.5.4 |
| yeswiki | yeswiki | >= 0 < 4.5.4 | 4.5.4 |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
ghsa·2025-04-29
CVE-2025-46549 [MEDIUM] CWE-79 Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
### Summary
**Vulnerable Version:** Yeswiki alert(1)`
### Details
Reflected Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.
### PoC
1. Visit the endpoint as mentioned below and see that an alert box pops up:
**URL with Payload:** `https://yeswiki.net/?BazaR/bazariframe&id=2&template=%3cs
OSV
Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
osv·2025-04-29
CVE-2025-46549 [MEDIUM] Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
Yeswiki Vulnerable to Unauthenticated Reflected Cross-site Scripting
### Summary
**Vulnerable Version:** Yeswiki alert(1)`
### Details
Reflected Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.
### PoC
1. Visit the endpoint as mentioned below and see that an alert box pops up:
**URL with Payload:** `https://yeswiki.net/?BazaR/bazariframe&id=2&template=%3cs
No detection rules found.
Nuclei
YesWiki <= 4.5.1 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2025-46549 [MEDIUM] YesWiki <= 4.5.1 - Cross-Site Scripting
YesWiki alert(document.domain)","YesWiki")'
- 'status_code == 200'
- 'contains(content_type, "text/html")'
condition: and
# digest: 4a0a0047304502200362ca1190c63e21f2923bf08de7cb7da7b574446b257e6007dfd76d97c7ed0b02210097168371a37ae69e386417974c7fa650ac4099a59a65f245bd361ac61d391a41:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
2025-04-29
Published