Severity by source
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Admin authentication required (PR:H), victim interaction needed (UI:R), scope changes to other sessions (S:C); no availability impact.
Primary rating from Vendor (mitre).
CVSS VectorVendor: mitre
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/group/save.do.
AnalysisAI
Stored cross-site scripting in MRCMS 3.1.2's admin group management endpoint allows an authenticated administrator to inject malicious JavaScript via /admin/group/save.do, which executes in the browser of any other admin who subsequently visits the affected page. The scope-changed CVSS vector (S:C) confirms the impact crosses the security boundary from the injecting session to other users' sessions. A publicly available proof-of-concept exists on GitHub, though EPSS sits at 0.22% (13th percentile), indicating limited observed exploitation activity at time of analysis.
Technical ContextAI
CWE-79 (Improper Neutralization of Input During Web Page Generation) describes the root cause: MRCMS 3.1.2 fails to sanitize or encode user-supplied input before rendering it in the HTML response of the /admin/group/save.do endpoint. The CPE string cpe:2.3:a:mrcms:mrcms:3.1.2:*:*:*:*:*:*:* pinpoints the exact affected release. The CVSS Scope:Changed metric indicates the vulnerability affects a security context beyond the originating session - classically the symptom of stored XSS where a persisted payload is later rendered to other authenticated users. MRCMS is a Java-based content management system hosted on Gitee (https://gitee.com/marker/MRCMS), suggesting a primarily Chinese-market audience and limited external security vetting.
RemediationAI
No vendor-released patched version has been identified at time of analysis; the NVD references point only to the project repository at https://gitee.com/marker/MRCMS and to the POC issue at https://github.com/SimonKang949/Vulnerabilities/issues/6, not to a tagged fix release. Operators should monitor the Gitee repository for a remediation commit or release. As a compensating control, restrict access to the /admin/group/save.do endpoint to the minimum necessary set of administrator accounts, reducing the pool of potential attackers who can inject payloads. Implementing a Content Security Policy (CSP) header that disallows inline scripts will limit the impact of any XSS payload that does execute, though this does not eliminate the underlying injection flaw. Enabling HTTP-only and Secure flags on session cookies limits the value of session-hijacking payloads. These controls reduce exploit impact but do not remediate the root-cause input validation deficiency.
MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do. Rated high severit
MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not fil
SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter.
MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\D
MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do. Rated medium severity (CVSS
A vulnerability was found in MRCMS 3.1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable,
A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. Rated medium severity (CVSS 4.8), this vuln
An arbitrary file upload vulnerability in the component /file/savefile.do of MRCMS v3.1.2 allows attackers to execute ar
A vulnerability was found in MRCMS 3.1.2 and classified as problematic.do of the component Add Fragment Page. Rated medi
A vulnerability, which was classified as problematic, was found in MRCMS 3.1.2. Rated medium severity (CVSS 4.8), this v
A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Rated medium severity (CVSS 4.8), t
A vulnerability was found in MRCMS 3.1.3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerabi
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today