CVE-2025-4323: MRCMS Edit Article Page cross site scripting
First published: Tue May 06 2025(Updated: )
A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mrcms |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4323?
CVE-2025-4323 is classified as a problematic vulnerability affecting MRCMS 3.1.2.
How does CVE-2025-4323 affect the Edit Article Page component?
CVE-2025-4323 allows for cross site scripting due to manipulation of the Title argument in the Edit Article Page component.
Can CVE-2025-4323 be exploited remotely?
Yes, CVE-2025-4323 can be exploited remotely by attackers.
What versions of MRCMS are impacted by CVE-2025-4323?
CVE-2025-4323 affects MRCMS version 3.1.2.
What are the potential consequences of CVE-2025-4323?
The consequences of CVE-2025-4323 include the potential for attackers to execute malicious scripts in the user's browser.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/source
- agent/severity
- agent/tags
- agent/event
- vendor/mrcms
- canonical/mrcms