Batch Validator - Reflected cross-site scripting (XSS)
Summary
Name | Batch Validator - Reflected cross-site scripting (XSS) |
Code name | skims-0006 |
Product | Batch Validator |
Affected versions | Version |
State | Private |
Release date | 2025-03-14 |
Vulnerability
Kind | Reflected cross-site scripting (XSS) |
Rule | Reflected cross-site scripting (XSS) |
Remote | No |
CVSSv4 Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:U |
CVSSv4 Base Score | 4.8 (Medium) |
Exploit available | No |
CVE ID(s) | CVE-2025-31291 |
Description
Batch Validator was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/batch-validator.php.
Vulnerability
Skims by Fluid Attacks discovered a reflected cross-site scripting (XSS) vulnerability in Batch Validator. The following is the output of the tool:
Skims output
101 | function dprx_bval_loadjs() {
102 | ?>
103 | <script type="text/javascript">
104 | function dprx_bval_js() {
105 | document.getElementById('dprx_loadingstatus').style.display = 'block';
106 | document.getElementById('dprx_batchvalidator').innerHTML = '<?php _e('Starting Validation. Please wait.','dprx_bval') ?
107 | dprxu = new Ajax.PeriodicalUpdater(
108 | 'dprx_batchvalidator',
> 109 | '<?php bloginfo("wpurl"); ?>/wp-admin/index.php?page=<?php echo $_REQUEST['page']; ?>',
110 | {method: 'get',
111 | frequency: 0.3,
112 | parameters:'dprx_bval_ajax=1',
113 | insertion: Insertion.Top,
114 | evalScripts: true}
115 | );
116 | }
117 | </script>
118 | <?php
119 | }
^ Col 0
Our security policy
We have reserved the ID CVE-2025-31291 to refer to this issue from now on.
System Information
- Product: Batch Validator
- Version:
Mitigation
There is currently no patch available for this vulnerability.
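As an added illustration (not a vendor patch and not code from the plugin), the following stand-alone PHP contrasts the pattern flagged on line 109 with a hardened form that validates the `page` value, URL-encodes it, and then encodes the whole URL for the JavaScript string context. The function names, the slug pattern, and the sample inputs are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Added illustration; function names and the slug pattern are assumptions.

// The flagged pattern: request data concatenated into a JS string literal.
function updater_url_unsafe(string $wpurl, array $request): string
{
    return "'" . $wpurl . '/wp-admin/index.php?page=' . $request['page'] . "'";
}

// Hardened form: validate, encode for the URL, then encode for JavaScript.
function updater_url_safe(string $wpurl, array $request): string
{
    $page = $request['page'] ?? '';
    // Assumed slug alphabet for admin pages (e.g. "dir/file.php").
    if (!is_string($page) || preg_match('~\A[A-Za-z0-9_./-]{1,100}\z~', $page) !== 1) {
        $page = '';
    }
    $url = $wpurl . '/wp-admin/index.php?page=' . rawurlencode($page);
    // JSON_HEX_* keeps quotes, <, > and & out of the emitted literal, so the
    // value cannot close the string or the surrounding <script> element.
    return json_encode(
        $url,
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_THROW_ON_ERROR
    );
}

// Constructed inputs: a normal slug and a value carrying a quote and a tag.
$samples = ['myapp/batch-validator.php', "a'b</script>"];
foreach ($samples as $page) {
    $request = ['page' => $page];
    echo 'unsafe: ', updater_url_unsafe('https://blog.example', $request), PHP_EOL;
    echo 'safe:   ', updater_url_safe('https://blog.example', $request), PHP_EOL;
}
```

The hardened function returns a complete, already-quoted JavaScript string literal, so in a template it would replace the whole quoted argument rather than sit inside existing quotes.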
Credits
The vulnerability was discovered by Andres Roldan from Fluid Attacks' Offensive Team using Skims.
Timeline

2025-03-14
Vulnerability discovered.

2025-03-14
Vendor contacted.