CVE-2025-15134 | yourmaileyes MOOC up to 1.17 Submission MainController.java subreview cross site scripting (Issue 12)

A vulnerability was found in yourmaileyes MOOC up to 1.17. It has been classified as problematic. This affects the function subreview of the file mooc/controller/MainController.java of the component Submission Handler. Performing manipulation of the argument review results in cross site scripting.

This vulnerability is identified as CVE-2025-15134. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15134 | yourmaileyes MOOC up to 1.17 Submission MainController.java subreview cross site scripting (Issue 12)

Post correlati

CVE-2025-0630 | Western Telematic Network Power Switch NPS up to 6.62 Web Interface file inclusion (icsa-25-035-01)

CVE-2023-46047 | Sane 1.2.1 Config File sanei_configure_attach null pointer dereference

CVE-2024-37081 | VMware vCenter Server/Cloud Foundation sudo improper authentication

CVE-2023-23438 | Honor LGE-AN00 prior 6.0.0.188 unknown vulnerability