CVE-2025-4537 – RuoYi-Vue Cleartext Storage of Sensitive Information in Cookie

May 11, 2025

CVE ID : CVE-2025-4537

Published : May 11, 2025, 10:15 a.m. | 2 hours, 12 minutes ago

Description : A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive information in a cookie. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4538 – KKFileView Unrestricted File Upload Vulnerability

Next Article CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Ori and the Blind Forest studio head says they could be forced to “shut down” due to the impact of negative Steam reviews for ‘No Rest for the Wicked’

Windows Phone just got its first AI ChatGPT-style app. No, really.

New Xbox games launching this week, from May 12 through May 18 — DOOM: The Dark Ages arrives on Xbox Game Pass

Brisa v0.2.13

Brisa v0.2.13

Build Digital Assets & Earn Through Referrals with Biela — A Genuine Opportunity for Entrepreneurs

Laravel Routing

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Triple 4K 144Hz displays from something this small blows my mind — CalDigit’s Element 5 Hub tested and reviewed

Ori and the Blind Forest studio head says they could be forced to “shut down” due to the impact of negative Steam reviews for ‘No Rest for the Wicked’

Windows Phone just got its first AI ChatGPT-style app. No, really.

CVE-2025-4537 – RuoYi-Vue Cleartext Storage of Sensitive Information in Cookie

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4558 – WormHole Tech GPM Unauthenticated Password Change Vulnerability

North Korean Hackers Targeted Nearly 18,000 in Phishing Campaign During Martial Law Turmoil

Microsoft Clipchamp is getting a light mode theme

Google Halts Its Diversity and Inclusion Hiring Goals

CVE-2025-4382 – GRUB TPM Auto- decryption Data Exposure

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Soak Testing: Ensuring Long-Term Software Stability and Performance

Impact of Item Classification in Oracle PDH Cloud on Oracle Inventory Management Cloud

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

CVE-2025-4537 – RuoYi-Vue Cleartext Storage of Sensitive Information in Cookie

Related Posts