CVE-2025-8221

A vulnerability classified as problematic was found in jerryshensjf JPACookieShop ????JPA? up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this vulnerability is the function goodsSearch of the file GoodsCustController.java. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

CVSS

No CVSS.

References

Link	Resource
https://github.com/Bemcliu/cve-reports/blob/main/cve-04-%E8%9B%8B%E7%B3%95%E5%95%86%E5%9F%8EJPA%E7%89%88-Reflected%20XSS/readme.md
https://github.com/Bemcliu/cve-reports/blob/main/cve-04-%E8%9B%8B%E7%B3%95%E5%95%86%E5%9F%8EJPA%E7%89%88-Reflected%20XSS/readme.md
https://vuldb.com/?ctiid.317809
https://vuldb.com/?id.317809
https://vuldb.com/?submit.621784

Configurations

No configuration.

History

28 Jul 2025, 15:15

Type	Values Removed	Values Added
CWE	CWE-94 CWE-79
CVSS	v2 : ~~unknown~~ v3 : ~~4.3~~	v2 : unknown v3 : unknown

27 Jul 2025, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-27 05:15

Updated : 2025-07-28 15:15

NVD link : CVE-2025-8221

Mitre link : CVE-2025-8221

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2025-8221

Attach tags to `CVE-2025-8221`