VYPR
Low severity3.5NVD Advisory· Published Dec 31, 2025· Updated Apr 29, 2026

CVE-2025-15374

CVE-2025-15374

Description

A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. Performing a manipulation of the argument content results in cross site scripting. The attack can be initiated remotely. The exploit is now public and may be used. The vendor is "[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Eyoucms/Eyoucms2 versions
    cpe:2.3:a:eyoucms:eyoucms:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:eyoucms:eyoucms:*:*:*:*:*:*:*:*range: <1.7.8
    • (no CPE)range: <=1.7.7

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.