CVE-2025-3531

Medium CVSS: 5.3

A vulnerability classified as problematic has been found in YouDianCMS 9.5.21. This affects an unknown part of the file /App/Tpl/Admin/Default/Log/index.html. The manipulation of the argument UserName/LogType leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Youdiancms

Product

Youdiancms

CWE

CWE-79

Yayın Tarihi

2025-04-13 06:15:14

Güncelleme

2025-06-27 12:38:40

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Youdiancms MEDIUM Youdiancms 2025

Referanslar

https://github.com/zonesec0/findcve/issues/4 https://github.com/zonesec0/findcve/issues/5 https://vuldb.com/?ctiid.304569 https://vuldb.com/?id.304569 https://vuldb.com/?submit.543080

Benzer Kayıtlar

Medium

CVE-2025-3533

A vulnerability, which was classified as problematic, has been found in YouDianCMS 9.5.21. This issue affects some unkno…

Medium

CVE-2025-3532

A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the…

Critical

CVE-2024-57052

An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter i…