Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/03/20 2:20 p.m.15 views

CVE-2025-2490

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...

4.8CVSS6.2AI score0.00295EPSS
Exploits1References1
nvd
nvd
added 2025/03/18 2:15 p.m.17 views

CVE-2025-2490

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...

5.4CVSS0.00295EPSS
Exploits1References5
cve
cve
added 2025/03/18 2:0 p.m.49 views

CVE-2025-2490

Summary: CVE-2025-2490 affects Dromara ujcms 9.7.5 in the File Upload component. The vulnerable code path is the uploadZip/upload function in WebFileUploadController.java, where manipulation leads to cross-site scripting. The attack is described as remote, with public exploit disclosure. Affected...

5.4CVSS6.2AI score0.00295EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2025/03/18 2:0 p.m.27 views

CVE-2025-2490 Dromara ujcms File Upload WebFileUploadController.java upload cross site scripting

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...

4.8CVSS0.00295EPSS
Exploits1References5
Rows per page
Query Builder