漏洞描述
(CVE-2025-7901)RuoYi Swagger UI组件configUrl参数跨站脚本漏洞
(CVE-2025-7901)RuoYi Swagger UI组件configUrl参数跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- Swagger-UI-XSS: 3.14.1<=Swagger-UI-XSS< 3.38.0
- Exrick Xboot Swagger SecurityController.java服务器端请求伪造(CVE-2025-8527)
- POC CVE-2018-25031: Swagger UI < 3.38.0 - Cross-Site Scripting
- POC CVE-2025-8191: Swagger UI >=3.14.1 < 3.38.0 - DOM Based Cross-Site Scripting
- POC CVE-2022-0381: WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting
- POC CVE-2024-22207: Fastify Swagger-UI - Information Disclosure
- POC CNVD-2021-01931: Ruoyi Management System - Local File Inclusion
- POC ruoyi-druid-unauth: 若依管理系统未授权访问
- POC CNVD-2021-01931: Ruoyi Management System - Local File Inclusion
- POC swagger-disclosure: Public Swagger API Desclosure
- RuoYi-Vue-Plus sendMessageWithAttachment 任意文件读取漏洞
- RuoYi AI /prod-api/auth/login 默认口令漏洞
- (CVE-2025-3202) RuoYi-ai系统未授权访问漏洞