216.73.217.86

CVE-2025-8527

· Published 04/08/2025 22:15 · Modified 05/08/2025 14:34

Labels: CVE-2025-8527 2025-08-04CVE-2025-8527CWE-918[email protected]

Essential information

Published
04/08/2025 22:15
Modified
05/08/2025 14:34
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument loginUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
exrick / xboot cpe:2.3:a:exrick:xboot:<=3.3.4:*:*:*:*:*:*:*

References