CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2617 – yangyouwang 杨有旺 crud 简约后台管理系统 Department Page cross site scripting
https://notcve.org/view.php?id=CVE-2025-2617
22 Mar 2025 — A vulnerability classified as problematic was found in yangyouwang 杨有旺 crud 简约后台管理系统 1.0.0. Affected by this vulnerability is an unknown functionality of the component Department Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/yangyouwang/crud/issues/IBSPOX • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2616 – yangyouwang 杨有旺 crud 简约后台管理系统 Role Management Page cross site scripting
https://notcve.org/view.php?id=CVE-2025-2616
22 Mar 2025 — A vulnerability classified as problematic has been found in yangyouwang 杨有旺 crud 简约后台管理系统 1.0.0. Affected is an unknown function of the component Role Management Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/yangyouwang/crud/issues/IBSPOX • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •