oitcode samarium Pages Image webpage cross site scripting_CVE-2025-9416

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been released to the public and may be exploited.

Basic Information

ID CVE-2025-9416

Source VulDB

Published Aug 25, 2025 at 19:32

Modified Aug 25, 2025 at 19:52

Affected Product

Vendor oitcode

Product samarium

Version 0.9.0

Affected Versions oitcode samarium 0.9.0
oitcode samarium 0.9.1
oitcode samarium 0.9.2
oitcode samarium 0.9.3
oitcode samarium 0.9.4
oitcode samarium 0.9.5
oitcode samarium 0.9.6

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been released to the public and may be exploited.",
    "published": "2025-08-25T19:32:06.890Z",
    "modified": "2025-08-25T19:52:20.705Z",
    "type": "cve",
    "title": "oitcode samarium Pages Image webpage cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.321259\nhttps://vuldb.com/?ctiid.321259\nhttps://vuldb.com/?submit.633921\nhttps://github.com/MaiqueSilva/VulnDB/blob/main/README09.md",
    "id": "CVE-2025-9416",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "oitcode samarium 0.9.0\noitcode samarium 0.9.1\noitcode samarium 0.9.2\noitcode samarium 0.9.3\noitcode samarium 0.9.4\noitcode samarium 0.9.5\noitcode samarium 0.9.6",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "samarium",
    "version": "0.9.0",
    "vendor": "oitcode",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}