CVE-2025-4839

Low CVSS: 2.3

A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Vendor

Itwanger

Product

Paicoding

CWE

CWE-346

Yayın Tarihi

2025-05-17 22:15:19

Güncelleme

2025-06-04 20:11:58

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-346 Paicoding LOW Itwanger 2025

Referanslar

https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250510-02.md https://vuldb.com/?ctiid.309307 https://vuldb.com/?id.309307 https://vuldb.com/?submit.574826 https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250510-02.md

Benzer Kayıtlar

Medium

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save…

Medium

CVE-2025-3967

A vulnerability was found in itwanger paicoding 1.0.3. It has been classified as critical. This affects an unknown part…

Medium

CVE-2025-3966

A vulnerability was found in itwanger paicoding 1.0.3 and classified as problematic. Affected by this issue is some unkn…

Medium

CVE-2025-3965

A vulnerability has been found in itwanger paicoding 1.0.3 and classified as problematic. Affected by this vulnerability…