VYPR

Xxl SSO

by Xuxueli

CVEs (2)

  • CVE-2025-6700MedJun 26, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic was found in Xuxueli xxl-sso 1.1.0. This vulnerability affects unknown code of the file /xxl-sso-server/login. The manipulation of the argument errorMsg leads to cross site scripting. The attack can be initiated remotely. The exploit has…

  • CVE-2025-6701LowJun 26, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirect_url leads to open redirect. The attack may be initiated…