Cross Site Scripting Vulnerability in EyouCMS by Eyou
CVE-2025-52335

6.1MEDIUM

Key Information:

Vendor: Eyou
Status: EyouCMS
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-52335?

EyouCMS version 1.7.3 is susceptible to a Cross Site Scripting (XSS) attack within the index.php file. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to the exposure of sensitive information. It highlights the importance of ensuring that user inputs are appropriately validated and sanitized to prevent such security breaches.

References

http://eyoucms.com

https://sour-burglar-bfe.notion.site/CVE-2025-52335-24e2b...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Jun 16, 2025

JSON