How severe is CVE-2025-7902?

CVE-2025-7902 has a CVSS v3 score of 3.5 (LOW).

CVE-2025-7902

Name: ruoyi
Author: ruoyi

3.5LOW

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The

Veröffentlicht: 7/20/2025Aktualisiert: 8/8/2025

Beschreibung

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

KI-AnalyseKI-gestützt

Betroffene Produkte

ruoyiruoyi

Referenzen

https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit
https://github.com/yangzongzhuan/RuoYi/issues/294#issue-3211205807
Exploit
https://vuldb.com/?ctiid.317016
Permissions RequiredVDB Entry
https://vuldb.com/?id.317016
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.618354
Third Party AdvisoryVDB Entry
https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit