CVE-2025-6509 | seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71 SimpleController.java echo Name cross site scripting

A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of the file /src/main/java/controller/SimpleController.java. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is known as CVE-2025-6509. The attack can be launched remotely. Furthermore, there is an exploit available.

This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

CVE-2025-6509 | seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71 SimpleController.java echo Name cross site scripting

Post correlati

CVE-2024-7901 | Scada-LTS 2.7.8 Message Scada cross site scripting

CVE-2025-1404 | ays-pro Secure Copy Content Protection and Content Locking Plugin ays_sccp_reports_user_search authorization

CVE-2024-12927 | 1000 Projects Attendance Tracking Management System 1.0 check_faculty_login.php faculty_emailid sql injection

CVE-2024-20517 | Cisco RV042/RV042G/RV320/RV325 up to 4.2.3.14 heap-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)