CVE-2025-15220 | SohuTV CacheCloud up to 3.2.0 LoginController.java init cross site scripting (Issue 379)

Inserito da Angelo Barbosa | Dic 28, 2025 | CVE

A vulnerability classified as problematic was found in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-15220. The attack may be launched remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15220 | SohuTV CacheCloud up to 3.2.0 LoginController.java init cross site scripting (Issue 379)

Post correlati

CVE-2024-39744 | IBM Sterling Connect Direct Web Services 6.0/6.1/6.2/6.3 cross-site request forgery (XFDB-297236)

CVE-2024-6813 | Netgear ProSAFE Network Management System getSortString sql injection

CVE-2025-9157 | appneta tcpreplay up to 4.5.2-beta2 tcprewrite edit_packet.c untrunc_packet use after free (Issue 970)

CVE-2015-10131 | chrisy TFO Graphviz Plugin up to 1.9 on WordPress tfo-graphviz-admin.php admin_page_load/admin_page cross site scripting