What is CVE-2025-1154?

A critical SQL injection vulnerability exists in xxyopen Novel up to version 3.4.1, affecting remote access to sensitive functionality. Organizations should prioritize patching to mitigate risks.

What is the severity of CVE-2025-1154?

CVE-2025-1154 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2025-1154 | Medium Vulnerability in xxyopen Novel

A vulnerability, which was classified as critical, has been found in xxyopen Novel up to 3.4.1. Affected by this issue is some unknown functionality of the file /api/front/search/books. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

The CVSS score is 5.3, indicating a medium severity vulnerability. Organizations should address this vulnerability in their patch cycle as it poses a risk to the integrity and confidentiality of their systems. The urgency is moderate, given that the exploit has been publicly disclosed.

Risk to organizations includes potential unauthorized access and data manipulation. Attackers may leverage this vulnerability to execute SQL injection attacks, which could result in significant data breaches or system compromise. Hence, organizations should prioritize patching immediately.

It is crucial to remain vigilant and monitor any suspicious activities related to this vulnerability as part of a comprehensive security strategy.

Vulnerability Details

This vulnerability allows SQL injection through the manipulation of the sort argument in the /api/front/search/books endpoint. The affected software is xxyopen Novel, with the critical classification indicating severe potential impacts. The CVSS score of 5.3 suggests a medium severity level, and it has been classified under CWE-74 and CWE-89.

Technical Analysis

The root cause of this vulnerability stems from insufficient input validation on the sort argument, which allows attackers to manipulate SQL queries executed by the application. The attack vector is network-based, indicating that exploitation can occur remotely. The attack complexity is low, suggesting that minimal skill is required to execute an attack.

The privileges required to exploit this vulnerability are low, meaning attackers do not need elevated access to initiate an attack. User interaction is not required, making this vulnerability more dangerous as it can be exploited without user consent.

The confidentiality, integrity, and availability impacts are all categorized as low. However, organizations should be aware that successful exploitation could lead to unauthorized data access and manipulation, thus maintaining a vigilant security posture is essential.

Risk & Impact Analysis

Real-world deployment risks include the potential for data breaches, unauthorized data access, and system integrity compromise. This vulnerability presents a significant risk to organizations using xxyopen Novel, especially those exposing the affected API to the internet.

The urgency assessment based on the CVSS score and public exploit availability necessitates immediate attention. Organizations should prioritize patching this vulnerability in their security management processes.

Signal	Status
Known Exploit	Yes
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions prior to vendor patch are affected, specifically versions of xxyopen Novel up to 3.4.1.

Mitigation & Remediation

Organizations should update xxyopen Novel to the latest version to mitigate this vulnerability. If immediate patching is not feasible, consider implementing web application firewalls (WAFs) to filter malicious SQL queries.

For further guidance on security measures, organizations may refer to penetration testing services.

Detection Guidance

Monitoring logs for unusual SQL query patterns or error messages related to the /api/front/search/books endpoint can help detect potential exploitation attempts. Behavioral anomalies should be investigated immediately.

AppSecure Threat Intelligence Insight

This vulnerability highlights the ongoing need for robust input validation in web applications. Organizations should leverage this case to enhance their security posture by adopting comprehensive security testing strategies.

For further insights into application security, organizations should review our application security assessment best practices.

Additionally, exploring our vulnerability management program can provide a structured approach to identifying and mitigating vulnerabilities.

Lastly, organizations should consider our insights on penetration testing methodology to strengthen their defensive strategies against vulnerabilities like CVE-2025-1154.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-1154: Medium Vulnerability in xxyopen Novel