CVE-2025-8847 | yangzongzhuan RuoYi up to 4.8.1 /system/notice/edit noticeTitle/noticeContent cross site scripting (Issue 298)

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been declared as problematic. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting.

This vulnerability is known as CVE-2025-8847. The attack can be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More