How severe is CVE-2025-7901?

CVE-2025-7901 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2025-7901

Name: ruoyi
Author: ruoyi

4.3MEDIUM

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger U

Publicado: 7/20/2025Actualizado: 9/11/2025

Descripción

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be initiated remotely.

Análisis IAImpulsado por IA

Productos Afectados

ruoyiruoyi

Referencias

https://github.com/yangzongzhuan/RuoYi/issues/293
ExploitIssue TrackingVendor Advisory
https://vuldb.com/?ctiid.317015
Permissions RequiredVDB Entry
https://vuldb.com/?id.317015
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.618353
Third Party AdvisoryVDB Entry