How severe is CVE-2025-7902?

CVE-2025-7902 has a CVSS v3 score of 3.5 (LOW).

CVE-2025-7902

Name: ruoyi
Author: ruoyi

3.5LOW

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The

公開日: 7/20/2025更新日: 8/8/2025

説明

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI分析AIによる分析

影響を受ける製品

ruoyiruoyi

参照

https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit
https://github.com/yangzongzhuan/RuoYi/issues/294#issue-3211205807
Exploit
https://vuldb.com/?ctiid.317016
Permissions RequiredVDB Entry
https://vuldb.com/?id.317016
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.618354
Third Party AdvisoryVDB Entry
https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit