CVE-2025-25461

MEDIUM

SeedDMS 6.0.29 - Stored Cross-Site Scripting via Category Name Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-25461. PoCs published by RoNiXxCybSeC0101.

AI-analyzed exploit summary: This repository contains a detailed writeup and proof-of-concept for CVE-2025-25461, a stored XSS vulnerability in SeedDMS 6.0.29. The vulnerability allows users with 'Add Category' permissions to inject malicious scripts into category names, which execute when documents are viewed.

Description

A Stored Cross-Site Scripting (XSS) vulnerability exists in SeedDMS 6.0.29. A user or rogue admin with the "Add Category" permission can inject a malicious XSS payload into the category name field. When a document is subsequently associated with this category, the payload is stored on the server and rendered without proper sanitization or output encoding. This results in the XSS payload executing in the browser of any user who views the document.

Exploits (1)

Source: nomisec · Writeup · 2 stars
by RoNiXxCybSeC0101 · PoC
https://github.com/RoNiXxCybSeC0101/CVE-2025-25461


Classification: Writeup (90%)
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: SeedDMS 6.0.29
Authentication: required
Prerequisites: User with 'Add Category' permissions
Analyzed by devstral-2 on Feb 16, 2026

References (2)


Scores

CVSS v3: 5.4
EPSS: 0.0047
EPSS Percentile: 36.7%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-79
Status: published
Products (1): seeddms/seeddms 6.0.29
Published: Feb 28, 2025
Tracked Since: Feb 18, 2026