4 matches found
CVE-2025-2490
A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...
CVE-2025-2490
A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...
CVE-2025-2490
Summary: CVE-2025-2490 affects Dromara ujcms 9.7.5 in the File Upload component. The vulnerable code path is the uploadZip/upload function in WebFileUploadController.java, where manipulation leads to cross-site scripting. The attack is described as remote, with public exploit disclosure. Affected...
CVE-2025-2490 Dromara ujcms File Upload WebFileUploadController.java upload cross site scripting
A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...