CVE-2025-1892 | shishuocms 1.1 Directory Deletion Page /manage/folder/add.json folderName cross site scripting

Posted by Angelo Barbosa | Mar 3, 2025 | CVE

A vulnerability was found in shishuocms 1.1. It has been classified as problematic. Affected is an unknown function of the file /manage/folder/add.json of the component Directory Deletion Page. The manipulation of the argument folderName leads to cross site scripting.

This vulnerability is traded as CVE-2025-1892. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-1892 | shishuocms 1.1 Directory Deletion Page /manage/folder/add.json folderName cross site scripting

Related Posts

CVE-2025-24633 | silverplugins217 Build Private Store for Woocommerce Plugin up to 1.0 on WordPress authorization

CVE-2024-28130 | OFFIS DCMTK 3.6.8 createFromImage type conversion (TALOS-2024-1957)

CVE-2023-24676 | Processwire 3.0.210 New Module Installation download_zip_url Privilege Escalation

CVE-2024-38346 | Apache CloudStack up to 4.18.2.0/4.19.0.1 Service Port 9090 code injection