CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

May 2, 2025

CVE ID : CVE-2025-1301

Published : May 2, 2025, 11:15 a.m. | 1 hour, 57 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Yordam Informatics Library Automation System allows Reflected XSS.This issue affects Library Automation System: before 21.6.

Severity: 7.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2421 – Profelis Informatics SambaBox Code Injection Vulnerability

Next Article CVE-2025-0427 – Arm Ltd Bifrost GPU, Valhall GPU, Arm 5th Gen GPU Architecture After Free Information Disclosure

Highlights

CVE-2025-5186 – Thinkgem JeeSite SSRF

May 26, 2025

CVE ID : CVE-2025-5186

Published : May 26, 2025, 1:15 p.m. | 3 hours, 42 minutes ago

Description : A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

15 Essential Skills to Look for When Hiring Node.js Developers for Enterprise Projects (2025-2026)

African training program creates developers with cloud-native skills

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

LastPass can now warn or block logins to shadow SaaS apps – here’s how

Get up to a year of Adobe Creative Cloud access for 40% off

Got 6 hours? This free AI training from Google and Goodwill can boost your resume today

Why I recommend this budget phone with a paper-like screen over ‘minimalist’ devices

Laravel Boost, your AI coding starter kit

Laravel Boost, your AI coding starter kit

Using GitHub Copilot in VS Code

Optimizely Mission Control – Part I

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Microsoft’s record stock run collides with Nadella’s admission that 15,000 layoffs still ‘hurt’

Microsoft and Adobe Power Up Fantasy Premier League Fans with AI – Here’s How

CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

The Wild West of Shadow IT

Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine

Eufy’s new smart display gives Amazon and Google a run for their money – how it works

HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication

40+ Best Free Photoshop Actions & Effects in 2025

CVE-2025-5186 – Thinkgem JeeSite SSRF

CVE-2025-33043 – APTIOV BIOS Improper Input Validation Vulnerability

CVE-2025-36041 – IBM MQ Operator Private Key Configuration Vulnerability

21 million employee screenshots leaked in bossware breach blunder

CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

Related Posts