CVE-2025-60837

描述

A reflected cross-site scripting (XSS) vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload.

受影響套件(1)

• Maven/net.mingsoft:ms-mcmsfrom 0, <= 6.0.1

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-60837
• PATCHhttps://github.com/ming-soft/MCMS
• WEBhttp://mcms.com
• WEBhttps://gist.github.com/xuzhiwei66666666/5cec37c9f674a08bc0d8654d42b4137a
• WEBhttps://gitee.com/mingSoft/MCMS