{"uuid": "b421d4cc-b1c6-405e-8be9-6c3f97ee6aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2417", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24017\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn't exist, the tag is reflected on the page and isn't properly sanitized on the server side which allows a malicious user to generate a link that will trigger an XSS on the client's side when clicked. This vulnerability allows any user to generate a malicious link that will trigger an account takeover when clicked, therefore allowing a user to steal other accounts, modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue.\n\ud83d\udccf Published: 2025-01-21T15:37:58.654Z\n\ud83d\udccf Modified: 2025-01-21T15:37:58.654Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg\n2. https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b\n3. https://github.com/YesWiki/yeswiki/blob/doryphore-dev/tools/tags/handlers/page/listpages.php#L84", "creation_timestamp": "2025-01-21T16:00:41.000000Z"}