CVE-2025-1083

LOW Year: 2025
CVSS v3 Score
3.1
Low
CVSS v2 Score
2.6
Low
Weakness Type
CWE-346
View all →

Vulnerability Description

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2025-4542

LOW
CVSS:3.1(Low)

A vulnerability, which was classified as problematic, has been found in Freeebird Hotel 酒店管理系统 API up to 1.2. Affected by this issue is some unknown functionality of the file /src/main/java/cn/mafangu...

CWE-3462025

CVE-2025-4839

LOW
CVSS:3.1(Low)

A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/m...

CWE-3462025

CVE-2022-3457

LOW
CVSS:3.7(Low)

Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5.

CWE-3462022

CVE-2017-8523

MEDIUM
CVSS:4.3(Medium)

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to co...

CWE-3462017

CVE-2018-8112

MEDIUM
CVSS:4.3(Medium)

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft ...

CWE-3462018

CVE-2018-8235

MEDIUM
CVSS:4.3(Medium)

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft ...

CWE-3462018