CVE-2025-3241

Medium CVSS: 5.3

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the argument routercontent leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zhangyanbo2007

Product

Youkefu

CWE

CWE-610

Yayın Tarihi

2025-04-04 11:15:40

Güncelleme

2025-10-10 16:43:36

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-610 Youkefu MEDIUM Zhangyanbo2007 2025

Referanslar

https://github.com/askqiu/cve/blob/main/README.md https://vuldb.com/?ctiid.303267 https://vuldb.com/?id.303267 https://vuldb.com/?submit.547585

Benzer Kayıtlar

Medium

CVE-2025-4260

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is…

Medium

CVE-2025-4258

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the func…

Medium

CVE-2025-3381

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown pa…

Medium

CVE-2025-2997

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown fu…