zhujunliang3 work_platform Content cross site scripting_CVE-2025-15249

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X

Description

A weakness has been identified in zhujunliang3 work_platform up to 6bc5a50bb527ce27f7906d11ea6ec139beb79c31. This vulnerability affects unknown code of the component Content Handler. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2025-15249

Source VulDB

Published Dec 30, 2025 at 13:02

Affected Product

Vendor zhujunliang3

Product work_platform

Version 6bc5a50bb527ce27f7906d11ea6ec139beb79c31

Affected Versions zhujunliang3 work_platform 6bc5a50bb527ce27f7906d11ea6ec139beb79c31

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A weakness has been identified in zhujunliang3 work_platform up to 6bc5a50bb527ce27f7906d11ea6ec139beb79c31. This vulnerability affects unknown code of the component Content Handler. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2025-12-30T13:02:07.732Z",
    "modified": "2025-12-30T13:02:07.732Z",
    "type": "cve",
    "title": "zhujunliang3 work_platform Content cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.338639\nhttps://vuldb.com/?ctiid.338639\nhttps://gitee.com/zhujunliang3/work_platform/issues/ICLUJ2",
    "id": "CVE-2025-15249",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "zhujunliang3 work_platform 6bc5a50bb527ce27f7906d11ea6ec139beb79c31",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "work_platform",
    "version": "6bc5a50bb527ce27f7906d11ea6ec139beb79c31",
    "vendor": "zhujunliang3",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}