CVE-2025-2040 | zhijiantianya ruoyi-vue-pro 2.4.1 deploy special elements used in a template engine

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine.

This vulnerability is known as CVE-2025-2040. The attack can be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More