CVE-2025-2616: yangyouwang 杨有旺 crud 简约后台管理系统 Role Management Page cross site scripting
First published: Sat Mar 22 2025(Updated: )
A vulnerability classified as problematic has been found in yangyouwang 杨有旺 crud 简约后台管理系统 1.0.0. Affected is an unknown function of the component Role Management Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| yangyouwang crud 简约后台管理系统 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-2616?
CVE-2025-2616 is classified as a problematic vulnerability due to its potential for cross-site scripting.
How do I fix CVE-2025-2616?
To fix CVE-2025-2616, it is recommended to validate and sanitize user inputs on the Role Management Page to prevent cross-site scripting.
Which components are affected by CVE-2025-2616?
CVE-2025-2616 affects the Role Management Page in the yangyouwang crud 简约后台管理系统.
Is CVE-2025-2616 exploitable remotely?
Yes, CVE-2025-2616 can be exploited remotely, making it critical to address.
What kind of attack can CVE-2025-2616 facilitate?
CVE-2025-2616 can facilitate cross-site scripting attacks, allowing attackers to inject malicious scripts into web pages.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/yangyouwang
- canonical/yangyouwang crud 简约后台管理系统