Metrics
Affected Vendors & Products
Wed, 03 Sep 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:* |
Tue, 12 Aug 2025 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Macrozheng
Macrozheng mall |
|
Vendors & Products |
Macrozheng
Macrozheng mall |
Mon, 28 Jul 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 26 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as problematic, was found in macrozheng mall up to 1.0.3. Affected is an unknown function of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way. | |
Title | macrozheng mall Swagger UI index.html cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-07-28T16:03:57.109Z
Reserved: 2025-07-25T08:54:26.882Z
Link: CVE-2025-8191

Updated: 2025-07-28T16:03:45.830Z

Status : Analyzed
Published: 2025-07-26T14:15:25.120
Modified: 2025-09-03T14:38:16.657
Link: CVE-2025-8191

No data.

Updated: 2025-08-12T12:05:50Z