CVE-2025-2712 in UFIDA ERP-NC
Resumen (Inglés)
A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /help/top.jsp. The manipulation of the argument langcode leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Divulgación
2025-03-25
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 300733 | Yonyou UFIDA ERP-NC top.jsp secuencias de comandos en sitios cruzados | 79 | Prueba de concepto | No está definido | CVE-2025-2712 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV