Cachecloud Security Vulnerabilities and Issues — Cachecloud CVE List

SohuCachecloud

15 matches found

CVE•added 2025/12/29 8:32 p.m.•12 views

CVE-2025-15204

CVE-2025-15204 affects SohuTV CacheCloud up to version 3.2.0, where the doQuartzList function in QuartzManageController.java is vulnerable to cross-site scripting. The vulnerability can be exploited remotely; exploitation details are publicly disclosed. Connected sources consistently describe the...

4.8CVSS3AI score0.00022EPSS

CVE•added 2025/12/29 6:2 a.m.•10 views

CVE-2025-15175

CVE-2025-15175 affects SohuTV CacheCloud up to 3.2.0. The vulnerability lies in the doAppList/appCommandAnalysis function in AppController.java, where input manipulation can trigger cross-site scripting. Exploitation can be performed remotely, and the exploit is publicly available. Affected versi...

5.4CVSS5.6AI score0.00011EPSS

CVE•added 2025/12/28 5:2 p.m.•9 views

CVE-2025-15145

SohuTV CacheCloud is affected up to version 3.2.0. The vulnerability resides in doTotalList within TotalManageController.java, allowing cross-site scripting due to improper input handling. The flaw can be triggered remotely, and the exploit has been publicly disclosed. Multiple sources confirm th...

6.1CVSS3.2AI score0.00033EPSS

CVE•added 2025/12/29 7:2 p.m.•9 views

CVE-2025-15201

CVE-2025-15201 affects SohuTV CacheCloud up to version 3.2.0. The vulnerability lies in the redirectNoPower function of WebResourceController.java, enabling cross-site scripting. The issue can be exploited remotely and an exploit has been published; multiple feeds confirm the problem and note the...

5.4CVSS3.8AI score0.00018EPSS

CVE•added 2025/12/28 5:32 p.m.•8 views

CVE-2025-15146

CVE-2025-15146 affects SohuTV CacheCloud up to version 3.2.0. The vulnerability resides in doUserList (src/main/java/com/sohu/cache/web/controller/UserManageController.java); manipulated input can trigger cross-site scripting. The attack is remote and the exploit is publicly available. Mitigation...

4.8CVSS5.6AI score0.00033EPSS

CVE•added 2025/12/29 4:2 a.m.•8 views

CVE-2025-15171

The CVE-2025-15171 entry concerns SohuTV CacheCloud up to version 3.2.0, where the vulnerability is in the index function of src/main/java/com/sohu/cache/web/controller/ServerController.java. The root cause is described as a manipulation of the function index that leads to cross-site scripting, w...

5.4CVSS5.5AI score0.00019EPSS

CVE•added 2025/12/29 5:2 a.m.•8 views

CVE-2025-15173

CVE-2025-15173 affects SohuTV CacheCloud up to version 3.2.0. The vulnerability occurs in the advancedAnalysis function of src/main/java/com/sohu/cache/web/controller/InstanceController.java, enabling remote cross-site scripting. Reports indicate the exploit is publicly available. The public advi...

5.4CVSS5.4AI score0.00019EPSS

CVE•added 2025/12/29 4:32 a.m.•7 views

CVE-2025-15172

The CVE-2025-15172 entry concerns SohuTV CacheCloud

5.4CVSS5.5AI score0.00019EPSS

CVE•added 2025/12/29 5:32 a.m.•7 views

CVE-2025-15174

CVE-2025-15174 affects SohuTV CacheCloud up to 3.2.0, where the cross-site scripting vulnerability stems from the doAppAuditList function in AppManageController.java. The issue allows remote exploitation and has publicly disclosed exploit information per connected sources (including Red Hat, NVD,...

5.4CVSS5.2AI score0.00019EPSS

CVE•added 2025/12/29 6:32 p.m.•7 views

CVE-2025-15200

SohuTV CacheCloud up to version 3.2.0 is affected by a cross‑site scripting vulnerability in AppClientDataShowController.java (functions getExceptionStatisticsByClient, getCommandStatisticsByClient, doIndex). The issue enables remote exploitation and, per multiple sources, the exploit is public. ...

4.8CVSS3.2AI score0.00035EPSS

CVE•added 2025/12/29 7:32 p.m.•7 views

CVE-2025-15202

CVE-2025-15202 affects SohuTV CacheCloud up to version 3.2.0. The vulnerability resides in the taskQueueList function of src/main/java/com/sohu/cache/web/controller/TaskController.java, enabling cross-site scripting. It can be exploited remotely and, according to sources, the exploit has been pub...

4.8CVSS2.9AI score0.00022EPSS

CVE•added 2025/12/29 8:2 p.m.•7 views

CVE-2025-15203

SohuTV CacheCloud up to 3.2.0 is affected by a cross-site scripting flaw in the index function of ResourceController.java (src/main/java/com/sohu/cache/web/controller/ResourceController.java). Manipulation of the index function allows remote attackers to trigger XSS, with a public exploit availab...

4.8CVSS3.2AI score0.00022EPSS

CVE•added 2025/12/30 4:2 a.m.•5 views

CVE-2025-15219

SohuTV CacheCloud (up to version 3.2.0) is affected by a cross-site scripting flaw in the doMachineList/doPodList functions of MachineManageController.java. The issue enables remote-triggered XSS, with exploit details publicly disclosed. The vulnerability impact and version context are stated acr...

5.4CVSS3.7AI score0.00028EPSS

CVE•added 2025/12/30 4:32 a.m.•5 views

CVE-2025-15220

SohuTV CacheCloud

6.1CVSS5.6AI score0.00024EPSS

CVE•added 2025/12/30 5:2 a.m.•4 views

CVE-2025-15221

CVE-2025-15221 affects SohuTV CacheCloud up to version 3.2.0. The flaw resides in the index function of AppDataMigrateController.java (src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java), enabling cross-site scripting. Remote exploitation is possible, and an exploit has bee...

5.4CVSS5.3AI score0.00018EPSS