CVE-2025-44108: n/a

Severity: Medium
Published: Mon May 19 2025 (05/19/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

A stored Cross-Site Scripting (XSS) vulnerability exists in the administration panel of Flatpress CMS before 1.4 via the gallery captions component. An attacker with admin privileges can inject a malicious JavaScript payload into the system, which is then stored persistently.

AI-Powered Analysis

Last updated: 07/11/2025, 16:49:36 UTC

Technical Analysis

CVE-2025-44108 is a stored Cross-Site Scripting (XSS) vulnerability identified in the administration panel of Flatpress CMS versions prior to 1.4. The vulnerability arises specifically in the gallery captions component, where an attacker with administrative privileges can inject malicious JavaScript code that is persistently stored within the system. When other users or administrators access the affected gallery captions, the malicious script executes in their browsers. This type of vulnerability falls under CWE-79, indicating improper neutralization of input during web page generation. The CVSS 3.1 base score is 4.8, reflecting a medium severity level. The vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N indicates that the attack can be performed remotely over the network with low attack complexity, but requires high privileges (admin access) and user interaction (such as viewing the malicious content). The vulnerability impacts confidentiality and integrity by allowing script execution that could steal session tokens, manipulate displayed data, or perform actions on behalf of the user. Availability is not affected. There are no known exploits in the wild at the time of publication, and no patches have been linked yet. The vulnerability is significant because it allows persistent script injection in an administrative context, potentially leading to privilege escalation or lateral movement within the CMS environment.

Potential Impact

For European organizations using Flatpress CMS, particularly those managing content with gallery features, this vulnerability poses a risk of unauthorized script execution within their administrative interfaces. Although exploitation requires administrative privileges, a compromised or malicious insider could leverage this vulnerability to execute arbitrary scripts, potentially stealing sensitive information such as authentication tokens or manipulating administrative functions. This could lead to further compromise of the CMS, defacement, or unauthorized data access. Given the persistent nature of the stored XSS, the malicious payload could affect multiple administrators or users who access the gallery captions, amplifying the impact. European organizations in sectors such as media, education, or government that rely on Flatpress CMS for content management may face reputational damage, data confidentiality breaches, and operational disruptions if this vulnerability is exploited. Additionally, the vulnerability's scope includes confidentiality and integrity impacts, which are critical for compliance with European data protection regulations like GDPR.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should first verify whether they are running a Flatpress CMS version prior to 1.4 and whether they use the gallery captions feature. Immediate steps include restricting administrative access to trusted personnel only and enforcing strong authentication mechanisms such as multi-factor authentication to reduce the risk of privilege abuse. Administrators should avoid entering untrusted data into gallery captions and sanitize any input manually if possible. Monitoring and logging administrative actions related to gallery captions can help detect suspicious activity. Since no official patches are currently linked, organizations should closely monitor Flatpress CMS vendor communications for updates or security patches addressing this issue. As a temporary workaround, disabling the gallery captions feature or restricting its usage until a patch is available can reduce exposure. Additionally, implementing Content Security Policy (CSP) headers can help mitigate the impact of XSS by restricting the execution of unauthorized scripts in the browser. Regular security training for administrators to recognize and avoid injection of malicious content is also recommended.
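One way to review captions that are already stored, and to encode them on output, is sketched below. This is an added example, not Flatpress code and not from the original advisory; it assumes captions are meant to be plain text and are available as a filename-to-caption mapping, and the sample captions are constructed.

```python
import html
from html.parser import HTMLParser


class _MarkupFinder(HTMLParser):
    """Records every element, event-handler attribute and javascript: URL."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names before calling this.
        self.findings.append(f"<{tag}>")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler {name}")
            elif value and value.strip().lower().startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name}")


def audit_caption(caption):
    """Return the markup found in one caption (empty list means plain text)."""
    finder = _MarkupFinder()
    finder.feed(caption)
    finder.close()
    return finder.findings


def audit_all(captions):
    """Map each caption that contains markup to its findings, for triage."""
    return {name: found for name, text in captions.items()
            if (found := audit_caption(text))}


def render_caption(caption):
    """Encode a caption for HTML text or a quoted attribute value."""
    return html.escape(caption, quote=True)


# Constructed sample data; real captions would be read from the CMS content.
CAPTIONS = {
    "harbour.jpg": "Harbour at dusk, 2024",
    "team.jpg": 'Team photo <img src=x onerror="alert(1)">',
    "logo.png": "Fish & Chips <3",
}
```

The audit is a triage aid for existing content; encoding on output in `render_caption` is what keeps a stored caption from being interpreted as markup.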

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-04-22T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f81484d88663aeb4f2

Added to database: 5/20/2025, 6:59:04 PM

Last enriched: 7/11/2025, 4:49:36 PM

Last updated: 7/30/2025, 4:07:35 PM
