CVE-2025-15145 – SohuTV CacheCloud TotalManageController.java doTotalList cross site scripting

CVE ID : CVE-2025-15145

Published : Dec. 28, 2025, 5:16 p.m. | 1 hour, 7 minutes ago

Description : A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the function doTotalList of the file src/main/java/com/sohu/cache/web/controller/TotalManageController.java. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15152 – h-moses moga-mall PmsProductController.java addProduct unrestricted upload

CVE-2025-15151 – TaleLin Lin-CMS Tests Folder config.py password in configuration file

CVE-2025-15150 – PX4 PX4-Autopilot mavlink_log_handler.cpp log_entry_from_id stack-based overflow

CVE-2025-15149 – rawchen ecms Add New Product updateProductServlet.java updateProductServlet cross site scripting