CVE-2025-63588

EPSS 0.05% · P15 Updated Nov 09, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-63588

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An unauthenticated reflected cross-site scripting vulnerability in the query handling of CMSimpleXH allows remote attackers to inject and execute arbitrary JavaScript in a victim's browser via a crafted request (e.g., a maliciously crafted POST login). Successful exploitation may lead to theft of session cookies, credential disclosure, or other client-side impacts.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

CMSimple_XH 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

CMSimple_XH是CMSimple_XH开源的一个快速、小型、易于使用且易于安装的模块化内容管理系统（CMS）。 CMSimple_XH存在安全漏洞，该漏洞源于查询处理中存在未经验证的反射型跨站脚本，可能导致会话cookie窃取、凭据泄露或其他客户端影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-63588

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/cybercrewinc/CVE-2025-63588	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-63588

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-11-06 · 11 CVEs total

CVE-2025-60541		Prompt Optimizer 安全漏洞
CVE-2025-59392		Elspec G5 安全漏洞
CVE-2025-27917		AnyDesk 安全漏洞
CVE-2025-27919		AnyDesk 安全漏洞
CVE-2025-27916		AnyDesk 安全漏洞
CVE-2025-27918		AnyDesk 安全漏洞
CVE-2025-63589		CMSimple_XH 安全漏洞
CVE-2025-63560		KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder 安全漏洞
CVE-2025-63551		MetInfo CMS 安全漏洞
CVE-2025-63307		Laravel File Manager 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-63588

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-63588

I. Basic Information for CVE-2025-63588

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-63588

III. Intelligence Information for CVE-2025-63588

Same Patch Batch · n/a · 2025-11-06 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-63588

Leave a comment