← Zuruck zu CVEs
CVE-2025-15134
LOW3.5
Beschreibung
A security flaw has been discovered in yourmaileyes MOOC up to 1.17. This affects the function subreview of the file mooc/controller/MainController.java of the component Submission Handler. Performing manipulation of the argument review results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The project was informed of the problem early through an issue report but has not responded yet.
CVE Details
CVSS v3.1 Bewertung3.5
SchweregradLOW
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht12/28/2025
Zuletzt geandert12/29/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-79CWE-94
Referenzen
https://github.com/yourmaileyes/MOOC/issues/12(cna@vuldb.com)
https://vuldb.com/?ctiid.338512(cna@vuldb.com)
https://vuldb.com/?id.338512(cna@vuldb.com)
https://vuldb.com/?submit.713955(cna@vuldb.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.