XCMS — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in XCMS, with AI-generated Chinese analysis, references, and POCs.

Vendor: jackq

CVE ID	Title	CVSS	Severity	Published
CVE-2025-15110	jackq XCMS Backend ProductImageController.class.php upload unrestricted upload CWE-434	4.7	Medium	2025-12-27
CVE-2025-15109	jackq XCMS upload.php unrestricted upload CWE-434	7.3	High	2025-12-27

All 2 known CVE vulnerabilities affecting XCMS with full Chinese analysis, references, and POCs where available.