CVE-2025-15134 | yourmaileyes MOOC up to 1.17 Submission MainController.java subreview cross site scripting (Issue 12)

A vulnerability was found in yourmaileyes MOOC up to 1.17. It has been classified as problematic. This affects the function subreview of the file mooc/controller/MainController.java of the component Submission Handler. Performing manipulation of the argument review results in cross site scripting.

This vulnerability is identified as CVE-2025-15134. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15134 | yourmaileyes MOOC up to 1.17 Submission MainController.java subreview cross site scripting (Issue 12)

Post correlati

CVE-2024-1950 | Product Carousel Slider & Grid Ultimate for WooCommerce Plugin code injection

CVE-2024-56352 | JetBrains TeamCity up to 2024.11 Agent Details Page image name cross site scripting

CVE-2025-6585 | WP JobHunt Plugin up to 7.2 on WordPress cs_remove_profile_callback resource injection

CVE-2024-22019 | Node.js HTTP Request denial of service