CVE-2025-4839 | itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 CrossUtil.java cross-domain policy

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is known as CVE-2025-4839. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4839 | itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 CrossUtil.java cross-domain policy

Post correlati

CVE-2024-10316 | jetmonsters Stratum Plugin up to 1.4.4 on WordPress Template Data content-switcher.php information disclosure

CVE-2024-20272 | Cisco Unity Connection unrestricted upload (cisco-sa-cuc-unauth-afu-FROYsCsD)

CVE-2024-9129 | Zend Server up to 9.1 format string

CVE-2024-9093 | SourceCodester Profile Registration without Reload Refresh 1.0 GET Parameter del.php list sql injection