CVE-2025-8528 | Exrick xboot up to 3.3.4 getMenuList sensitive information in a cookie (Issue 69)

A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie.

This vulnerability is traded as CVE-2025-8528. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More