CVE-2025-10944 | yi-ge get-header-ip up to 589b23d0eb0043c310a6a13ce4bbe2505d0d0b15 ip.php callback cross site scripting

A vulnerability was found in yi-ge get-header-ip up to 589b23d0eb0043c310a6a13ce4bbe2505d0d0b15. It has been classified as problematic. This issue affects the function ip of the file ip.php. This manipulation of the argument callback causes cross site scripting.

This vulnerability appears as CVE-2025-10944. The attack may be initiated remotely. There is no available exploit.

This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More