CVE-2025-51965 is a Cross-Site Scripting (XSS) vulnerability affecting OURPHP versions up to and including 8.6.1. The vulnerability exists in the "Name" field of the "Complete Profile" functionality located within the "My User Center" page. This page is accessible after a user registers through the front-end interface, meaning that an attacker must first create an account to exploit the vulnerability. The XSS flaw allows an attacker to inject malicious scripts into the "Name" field, which can then be executed in the context of other users who view the affected profile or page. This type of vulnerability can be leveraged to steal session cookies, perform actions on behalf of other users, or redirect users to malicious websites. Since the vulnerability is in a user-editable profile field, it is likely a stored XSS, which poses a higher risk than reflected XSS because the malicious payload persists and can affect multiple users over time. No CVSS score has been assigned yet, and there are no known exploits in the wild or official patches published at the time of this report. The vulnerability was reserved in mid-June 2025 and published in August 2025, indicating recent discovery and disclosure.

For European organizations using OURPHP, this vulnerability could lead to significant security risks, especially for those relying on the platform for user management or content delivery. Exploitation of this XSS flaw could compromise user accounts by stealing authentication tokens or cookies, leading to unauthorized access and potential data breaches. It could also facilitate phishing attacks by injecting malicious scripts that redirect users to fraudulent sites. The impact extends to the integrity and confidentiality of user data and could damage organizational reputation and trust. Since the vulnerability requires user registration, organizations with open registration policies or public-facing user centers are at higher risk. Additionally, if administrative users or privileged roles access affected profiles, the attacker could escalate privileges or gain deeper access. The absence of known exploits currently reduces immediate risk, but the vulnerability's presence in a widely used CMS-like platform means it could become a target for attackers, especially in sectors with high-value data such as finance, healthcare, and government services in Europe.

Organizations should immediately review and sanitize all user input fields, especially the "Name" field in the "Complete Profile" section, to prevent script injection. Implementing strict input validation and output encoding on the server side is critical to neutralize malicious payloads. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. Since no official patch is available, organizations should consider temporarily disabling the vulnerable profile editing functionality or restricting it to trusted users only. Monitoring user-generated content for suspicious scripts and employing Web Application Firewalls (WAFs) with XSS detection rules can provide additional protection. Educate users about the risks of clicking on suspicious links or executing unexpected scripts. Finally, maintain vigilance for updates from OURPHP developers and apply patches promptly once released.