Cross Site Scripting Vulnerability in Ruoyi 4.8.2 by Yangzongzhuan
CVE-2026-37216
6.1MEDIUM
What is CVE-2026-37216?
The Ruoyi 4.8.2 version is susceptible to a Cross Site Scripting (XSS) vulnerability at the /system/notice/add interface. This flaw allows an attacker to inject malicious scripts into web pages viewed by other users. Effective exploitation could lead to unauthorized actions on behalf of users or the exposure of sensitive information. Organizations using Ruoyi 4.8.2 should assess their systems for this vulnerability and apply recommended patches to mitigate the associated risks.
