CVE-2025-15146 | SohuTV CacheCloud up to 3.2.0 UserManageController.java doUserList cross site scripting (Issue 366)

Inserito da Angelo Barbosa | Dic 27, 2025 | CVE

A vulnerability has been found in SohuTV CacheCloud up to 3.2.0 and classified as problematic. This impacts the function doUserList of the file src/main/java/com/sohu/cache/web/controller/UserManageController.java. Performing manipulation results in cross site scripting.

This vulnerability was named CVE-2025-15146. The attack may be initiated remotely. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15146 | SohuTV CacheCloud up to 3.2.0 UserManageController.java doUserList cross site scripting (Issue 366)

Post correlati

CVE-2024-27088 | medikoo es5-ext up to 0.10.62 function#copy/function#toStringTokens redos (ID 201)

CVE-2025-7346 | Pyload up to 0.5.0b3.dev77 permissions (GHSA-x698-5hjm-w2m5)

CVE-2024-12453 | Uptodown APK Download Widget Plugin up to 0.1.2 on WordPress cross site scripting

CVE-2024-0865 | Schneider Electric EcoStruxure IT Gateway hard-coded credentials