4 matches found
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting XSS via the key and redirect parameters in login.jsp. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2025-2709 info: name: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scriptin...
CVE-2025-2709
creationtimestamp| type| source ---|---|--- 2025-03-24 20:23:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8529 2025-03-24 22:35:03+00:00| seen| https://t.me/cvedetector/20990 2025-03-24 22:39:56+00:00| seen|...
CVE-2025-2709
A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...
CVE-2025-2709 Yonyou UFIDA ERP-NC login.jsp cross site scripting
A vulnerability has been found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This vulnerability affects unknown code of the file /login.jsp. The manipulation of the argument key/redirect leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...