3 matches found
Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting
Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting XSS via the flag parameter in menu.jsp. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2025-2710 info: name: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting author:...
CVE-2025-2710
creationtimestamp| type| source ---|---|--- 2025-03-25 01:05:44+00:00| seen| https://t.me/cvedetector/21009 2025-07-16 13:27:11+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-2710.yaml 2025-07-17 21:02:31+00:00| seen|...
CVE-2025-2710
Yonyou UFIDA ERP-NC 5.0 is reported vulnerable to a reflected cross-site scripting (XSS) flaw in the /menu.jsp file, triggered by manipulating the flag parameter. The issue stems from unsanitized user input reflected in the response. Impact details indicate potential arbitrary JavaScript executio...