CVE-2025-2617: yangyouwang 杨有旺 crud 简约后台管理系统 Department Page cross site scripting
First published: Sat Mar 22 2025(Updated: )
A vulnerability classified as problematic was found in yangyouwang 杨有旺 crud 简约后台管理系统 1.0.0. Affected by this vulnerability is an unknown functionality of the component Department Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| yangyouwang crud 简约后台管理系统 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-2617?
CVE-2025-2617 is classified as problematic due to its potential for cross site scripting attacks.
What is affected by CVE-2025-2617?
CVE-2025-2617 affects the Department Page functionality of the yangyouwang crud 简约后台管理系统 version 1.0.0.
How do I fix CVE-2025-2617?
To fix CVE-2025-2617, ensure that input validation and output encoding are properly implemented in the affected component.
What type of attack does CVE-2025-2617 facilitate?
CVE-2025-2617 facilitates cross site scripting (XSS) attacks that can be launched remotely.
Is CVE-2025-2617 exploitable remotely?
Yes, CVE-2025-2617 can be exploited remotely, making it a significant security concern.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/yangyouwang
- canonical/yangyouwang crud 简约后台管理系统