CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yccms: >> Yccms >> 3.4 Security Vulnerabilities

CVE-2025-64048

YCCMS 3.4 contains a stored cross-site scripting (XSS) vulnerability in the article management functionality. The vulnerability exists in the add() and getPost() functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field.

CVSS Score

6.1

EPSS Score

0.0

Published

2025-11-24

Page 1

Vulnerabilities

Vulnerable Software

Yccms: >> Yccms >> 3.4 Security Vulnerabilities

Products

Pricing

Contact Us