CVE-2025-4260 zhangyanbo2007 youkefu TemplateController.java impsave deserialization

A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be...

PT-2025-19335 · Unknown · Zhangyanbo2007 Youkefu

Name of the Vulnerable Software and Affected Versions: zhangyanbo2007 youkefu version 4.2.0 and earlier Description: A vulnerability was found in the function impsave of the file mwebhandleradminsystemTemplateController.java. The manipulation of the argument dataFile leads to deserialization. The...