CVE-2025-40727
Description
Phoenix Site CMS /search endpoint has a reflected XSS via the s GET parameter, enabling arbitrary script execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability Overview
CVE-2025-40727 is a reflected cross-site scripting (XSS) vulnerability in the /search component of Phoenix Site CMS by Phoenix BV. The flaw is improper sanitization of the s GET parameter: its value is reflected into the search page response without being neutralized, which allows an attacker to inject arbitrary web script or HTML into that response. The vulnerability was discovered by Gonzalo Aguilar Garcia (6h4ack) and coordinated through INCIBE [1].
Attack Vector
An attacker can exploit this vulnerability by crafting a malicious URL containing a payload in the s parameter and tricking a victim into opening it. The attack is performed over the network (AV:N) with low attack complexity (AC:L) and no required privileges (PR:N). User interaction (UI:A) is necessary, as the victim must visit the crafted link. No authentication is needed to trigger the injection [1].
Impact
Successful exploitation leads to reflected XSS, allowing the attacker to execute arbitrary script in the context of the victim's browser session with the site. This could result in session hijacking, credential theft, defacement, or redirection to malicious sites. The CVSS v4.0 base score for this vulnerability is 5.1 (Medium), with no impact on the confidentiality, integrity, or availability of the system itself, but a potential low impact on the user's session [1].
Mitigation Status
As of the publication date, no official solution or patch has been provided by the vendor. Users are advised to apply input validation and output encoding for the s parameter, or to restrict access to the search functionality until a fix is available [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 1
News mentions: 0
No linked articles in our index yet.