Filtered by vendor Itwanger
                         Subscriptions
                    
                    
                
                        Filtered by product Paicoding
                         Subscriptions
                    
                    
                
                    Total
                    4 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2025-4839 | 1 Itwanger | 1 Paicoding | 2025-06-04 | 3.1 Low | 
| A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3965 | 1 Itwanger | 1 Paicoding | 2025-05-12 | 3.5 Low | 
| A vulnerability has been found in itwanger paicoding 1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /article/app/post. The manipulation of the argument content leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3966 | 1 Itwanger | 1 Paicoding | 2025-05-12 | 4.3 Medium | 
| A vulnerability was found in itwanger paicoding 1.0.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/home?userId=1&homeSelectType=read of the component Browsing History Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3967 | 1 Itwanger | 1 Paicoding | 2025-05-12 | 5.4 Medium | 
| A vulnerability was found in itwanger paicoding 1.0.3. It has been classified as critical. This affects an unknown part of the file /article/api/post of the component Article Handler. The manipulation of the argument articleId leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
                            
                                
                                
                                    Page 1 of 1.