CVE-2025-5879 – WuKongOpenSource WukongCRM Remote Cross-Site Scripting Vulnerability

June 9, 2025

CVE ID : CVE-2025-5879

Published : June 9, 2025, 1:15 p.m. | 2 hours, 25 minutes ago

Description : A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5880 – Whistle Path Traversal Vulnerability

Next Article CVE-2025-5877 – Fengoffice XML External Entity Reference Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-5879 – WuKongOpenSource WukongCRM Remote Cross-Site Scripting Vulnerability

Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists

PoC Exploit Released for Critical WebDAV 0-Day RCE Vulnerability Exploited by APT Hackers

Understanding CSS Perspective: Bringing Depth to Your Designs

Xbox price hikes hurt its value against PS5, a Microsoft PM roasts Windows 11, and Bing gets unexpected praise — top tech stories

CVE-2025-4082 – Mozilla Firefox WebGL Out-of-Bounds Read RCE

Shadowenv performs a set of manipulations to the process environment

CVE-2025-48279 – WC MyParcel Belgium Cross-site Scripting (XSS)

CVE-2025-46690 – Ververica Platform SQL Connector Unauthorized Access Vulnerability

Wardrobe is a GNOME customization tool

As an SEO beginner, how can I get traffic for the website I’ve created?

CVE-2025-5879 – WuKongOpenSource WukongCRM Remote Cross-Site Scripting Vulnerability

Related Posts