CVE-2025-15374 | EyouCMS up to 1.7.7 Ask Module Ask.php content cross site scripting

A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. Performing manipulation of the argument content results in cross site scripting.

This vulnerability is identified as CVE-2025-15374. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor is “[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8”.VulDB Recent EntriesRead More