Cross-Site Scripting in GouguCMS 4.08.18 Affects Remote Users
CVE-2025-2366

2.4LOW

Key Information:

Vendor: Gougucms
Status: GouguCMS
Vendor: CVE Published:; 17 March 2025

What is CVE-2025-2366?

A vulnerability exists in GouguCMS 4.08.18 affecting the Add Department Page functionality. Specifically, the manipulation of the 'title' argument allows for potential cross-site scripting (XSS) attacks. This vulnerability can be exploited remotely, posing significant risks to users. Despite being informed, the vendor has not responded regarding this critical issue, leaving systems potentially exposed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/caigo8/CVE-md/blob/main/gougucms/gougu...

https://vuldb.com/?ctiid.299865

https://vuldb.com/?id.299865

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2025

JSON

Gougucms

What is CVE-2025-2366?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.