CVE-2025-8527

Medium CVSS: 5.3

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument loginUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Exrick

Product

Xboot

CWE

CWE-918

Yayın Tarihi

2025-08-04 22:15:29

Güncelleme

2025-08-28 12:10:19

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-918 Xboot MEDIUM Exrick 2025

Referanslar

https://github.com/Exrick/xboot/issues/70 https://github.com/Exrick/xboot/issues/70#issue-3252425972 https://vuldb.com/?ctiid.318653 https://vuldb.com/?id.318653 https://vuldb.com/?submit.622174

Benzer Kayıtlar

High

CVE-2023-36331

Incorrect access control in the /member/orderList API of xmall v1.1 allows attackers to arbitrarily access other users'…

Medium

CVE-2025-65540

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data.…

Medium

CVE-2025-8528

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of…

Medium

CVE-2025-8526

A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the…

Medium

CVE-2025-8525

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown pa…

Critical

CVE-2025-45612

Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index.