How severe is CVE-2025-7902?

CVE-2025-7902 has a CVSS v3 score of 3.5 (LOW).

CVE-2025-7902

Name: ruoyi
Author: ruoyi

3.5LOW

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The

发布于: 7/20/2025更新于: 8/8/2025

描述

A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI分析AI驱动

受影响产品

ruoyiruoyi

参考资料

https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit
https://github.com/yangzongzhuan/RuoYi/issues/294#issue-3211205807
Exploit
https://vuldb.com/?ctiid.317016
Permissions RequiredVDB Entry
https://vuldb.com/?id.317016
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.618354
Third Party AdvisoryVDB Entry
https://github.com/yangzongzhuan/RuoYi/issues/294
Exploit