CVE-2025-12920 in FoxCMSالمعلومات

الملخص

بحسب MITRE • 10/11/2025

A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

مسؤول

VulDB

إفشاء

10/11/2025

الاعتدال

تمت الموافقة

إدخال

VDB-331640

استغلال

تحميل

EPSS

0.00323

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!