NukeViet CMS Stored XSS via Request Class (CVE-2025-42147) Advisory

github.com 2026-05-23English translation pending; showing Chinese查看中文 →

Security AdvisoryCVE-2025-42147HighNukeViet

Affected:

NukeViet CMS <= 4.5.07

Fixed in:

4.5.08

Referenced CVEs: CVE-2026-41147 · 8.7

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

TOTOLINK A8000RU Command Injection Vulnerability Analysis 2026-05-26 TOTOLINK A8000RU RCE via Command Injection in cstecgi.cgi 2026-05-26 Unauthenticated Arbitrary Data Deletion via IDOR and SQL Injection in studentdel.php 2026-05-26 Path Traversal and SSRF in c-rick/jimeng-mcp (Patched) 2026-05-26 Path Traversal Vulnerability in dazebe/markdown-downloader 2026-05-26

Offline Archive

Offline screenshot & PDF are Pro-exclusive