CVE-2025-5383 – Yifang CMS Article Management Module Cross-Site Scripting Vulnerability

May 31, 2025

CVE ID : CVE-2025-5383

Published : May 31, 2025, 3:15 p.m. | 2 hours, 29 minutes ago

Description : A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5384 – JeeWMS SQL Injection Vulnerability

Next Article CVE-2025-5381 – Yifang CMS Path Traversal Vulnerability

Highlights

CVE-2025-9171 – SolidInvoice Cross-Site Scripting Vulnerability

August 19, 2025

CVE ID : CVE-2025-9171

Published : Aug. 19, 2025, 11:15 p.m. | 2 hours, 28 minutes ago

Description : A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-34509 – Sitecore Experience Manager (XM) and Experience Platform (XP) Hardcoded User Account Remote Authentication Bypass

June 17, 2025

CVE-2025-45814 – NS3000/NS2000 Authentication Bypass

July 2, 2025

Windows 10 KB5055518 remove seconds from the clock, following Windows 11

April 8, 2025

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-5383 – Yifang CMS Article Management Module Cross-Site Scripting Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-47576 – Bringthepixel Bimber Remote File Inclusion Vulnerability

Rilasciato Incus 6.13: Gestore di Container e Macchine Virtuali

How to install SteamOS on ROG Ally and Legion Go Windows gaming handhelds

Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

CVE-2025-9171 – SolidInvoice Cross-Site Scripting Vulnerability

CVE-2025-34509 – Sitecore Experience Manager (XM) and Experience Platform (XP) Hardcoded User Account Remote Authentication Bypass

CVE-2025-45814 – NS3000/NS2000 Authentication Bypass

Windows 10 KB5055518 remove seconds from the clock, following Windows 11

CVE-2025-5383 – Yifang CMS Article Management Module Cross-Site Scripting Vulnerability

Related Posts