CVE-2025-7902
3.5LOWA vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The
게시됨: 7/20/2025업데이트됨: 8/8/2025
설명
A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AI 분석AI 기반
영향받는 제품
ruoyiruoyi
참조
- https://github.com/yangzongzhuan/RuoYi/issues/294Exploit
- https://github.com/yangzongzhuan/RuoYi/issues/294#issue-3211205807Exploit
- https://vuldb.com/?ctiid.317016Permissions RequiredVDB Entry
- https://vuldb.com/?id.317016Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.618354Third Party AdvisoryVDB Entry
- https://github.com/yangzongzhuan/RuoYi/issues/294Exploit