CVE-2025-52277

Medium CVSS: 6.1

Cross Site Scripting vulnerability in YesWiki v.4.54 allows a remote attacker to execute arbitrary code via a crafted payload to the meta configuration robots field

Vendor

Yeswiki

Product

Yeswiki

CWE

CWE-79

Yayın Tarihi

2025-09-09 15:15:33

Güncelleme

2025-10-17 20:26:28

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Yeswiki MEDIUM Yeswiki 2025

Referanslar

http://yeswiki.com https://github.com/nakkouchtarek/CVE/tree/main/CVE-2025-52277 https://github.com/nakkouchtarek/CVE/tree/main/CVE-2025-52277

Benzer Kayıtlar

Critical

CVE-2025-46348

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed…

Medium

CVE-2025-46549

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting at…

Medium

CVE-2025-46550

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the `/?BazaR` endpoint and `idformulaire` parameter are…

Medium

CVE-2025-46347

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki vulnerable to remote code execution. An arbitra…

High

CVE-2025-46349

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file uplo…

Low

CVE-2025-46350

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting at…