CVE-2025-2040

Medium CVSS: 5.3

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Vendor

Iocoder

Product

Ruoyi-vue-pro

CWE

CWE-791

Yayın Tarihi

2025-03-06 20:15:38

Güncelleme

2025-07-07 18:29:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-791 Ruoyi-vue-pro MEDIUM Iocoder 2025

Referanslar

https://github.com/uglory-gll/javasec/blob/main/ruoyi-vue-pro.md https://vuldb.com/?ctiid.298783 https://vuldb.com/?id.298783 https://vuldb.com/?submit.512574

Benzer Kayıtlar

Medium

CVE-2025-10988

A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/busi…

Medium

CVE-2025-10987

A vulnerability was determined in YunaiV yudao-cloud up to 2025.09. Affected by this issue is some unknown functionality…

Medium

CVE-2025-10278

A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Impacted is an unknown function of the file /crm/contact/tr…

Medium

CVE-2025-10276

A security vulnerability has been detected in YunaiV ruoyi-vue-pro up to 2025.09. This vulnerability affects unknown cod…

Medium

CVE-2025-10277

A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing of the file…

Medium

CVE-2025-10275

A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/busine…