CVE-2025-8847 – RuoYi Yangzongzhuan Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8847

Published : Aug. 11, 2025, 1:15 p.m. | 28 minutes ago

Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…