CVE-2025-6700 – Xuxueli xxl-sso Remote Cross-Site Scripting Vulnerability

June 26, 2025

CVE ID : CVE-2025-6700

Published : June 26, 2025, 4:15 p.m. | 51 minutes ago

Description : A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6701 – Xuxueli xxl-sso Open Redirect Vulnerability

Next Article CVE-2025-6699 – LabRedesCefetRJ WeGIA Cross Site Scripting Vulnerability

Highlights

CVE-2025-4743 – Code-projects Employee Record System SQL Injection Vulnerability

May 16, 2025

CVE ID : CVE-2025-4743

Published : May 16, 2025, 4:15 a.m. | 4 hours, 44 minutes ago

Description : A vulnerability classified as critical was found in code-projects Employee Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /dashboard/getData.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

The top 4 Bluetooth speakers I’m taking everywhere this summer (including a surprise pick)

Your Android phone is getting a big security upgrade for free – here’s what’s new

How a 5-minute circuit scan saved me hundreds (and exposed a serious wiring surprise)

Using AI saves teachers ‘six weeks per year,’ Gallup poll finds – but at what cost?

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

billboard.js 3.16.0 release: ✨ bar trending line & improved resizing performance!

ISO 20022 – End of MT Coexistence for Cash Instructions Fast Approaching

Building Trust and Shaping the Future: Implementing Responsible AI – Part 2

Windows 11 KB5060826 fixes slow Search, direct download links

Windows 11 KB5060826 fixes slow Search, direct download links

Rilasciata Tails 6.17: Più Privacy e Sicurezza con le Nuove Funzionalità

Rilasciata Deepin 25: La distribuzione GNU/Linux immutabile con assistente vocale e pacchetti universali

CVE-2025-6700 – Xuxueli xxl-sso Remote Cross-Site Scripting Vulnerability

Citrix Bleed 2 flaw now believed to be exploited in attacks

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

SpeakStream: Streaming Text-to-Speech with Interleaved Data

Building a Physics-Based Character Controller with the Help of AI

This OnePlus Open bundle deal gets you a $300 smartwatch for free – how to qualify

OpenAI upgrades ChatGPT with Codex – and I’m seriously impressed (so far)

CVE-2025-4743 – Code-projects Employee Record System SQL Injection Vulnerability

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

Best Bread brand Hyderabad

Microsoft Defender will allow SOC teams and admins to refine the threat detection process

CVE-2025-6700 – Xuxueli xxl-sso Remote Cross-Site Scripting Vulnerability

Related Posts