CVE-2025-1817: Mini-Tmall Admin Name admin cross site scripting
First published: Sun Mar 02 2025(Updated: )
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mini-Tmall | <=20250211 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1817?
CVE-2025-1817 is classified as a problematic vulnerability due to its potential for cross site scripting attacks.
How do I fix CVE-2025-1817?
To fix CVE-2025-1817, you should upgrade to a version of Mini-Tmall Admin Name Handler that is later than 20250211.
What is the impact of CVE-2025-1817?
The impact of CVE-2025-1817 includes the potential for attackers to exploit cross site scripting vulnerabilities remotely.
Which software is affected by CVE-2025-1817?
CVE-2025-1817 affects Mini-Tmall Admin Name Handler versions up to and including 20250211.
Can CVE-2025-1817 be exploited remotely?
Yes, CVE-2025-1817 can be exploited remotely through cross site scripting.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/source
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mini-tmall
- canonical/mini-tmall