CVE-2025-6551 | java-aodeng Hope-Boot 1.0.0 WebController.java login errorMsg cross site scripting

Inserito da Angelo Barbosa | Giu 23, 2025 | CVE

A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg leads to cross site scripting.

The identification of this vulnerability is CVE-2025-6551. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-6551 | java-aodeng Hope-Boot 1.0.0 WebController.java login errorMsg cross site scripting

Post correlati

CVE-2024-1772 | Play.ht Make Your Blog Posts Accessible with Text to Speech Audio Plugin code injection

CVE-2024-6113 | itsourcecode Monbela Tourist Inn Online Reservation System 1.0 login.php email sql injection

CVE-2025-4757 | PHPGurukul Beauty Parlour Management System 1.1 /forgot-password.php email sql injection

CVE-2023-5404 | Honeywell Experion Server heap-based overflow