CVE-2025-64048 in YCCMSinfo

Zusammenfassung

von MITRE • 24.11.2025

YCCMS 3.4 contains a stored cross-site scripting (XSS) vulnerability in the article management functionality. The vulnerability exists in the add() and getPost() functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

27.10.2025

Veröffentlichung

24.11.2025

Moderieren

akzeptiert

Eintrag

VDB-333439

CPE

bereit

CWE

CWE-79 (bestätigt)

CVSS

3.5 (VulDB)

EPSS

0.00024

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-64048
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-64048
CVE Details	https://www.cvedetails.com/cve/CVE-2025-64048/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!