CVE-2025-7901 – RuoYi Swagger UI Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7901

Published : July 20, 2025, 4:15 p.m. | 38 minutes ago

Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be initiated remotely.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…