Ourphp · Ourphp · CVE-2025-51965
Name of the Vulnerable Software and Affected Versions:
OURPHP versions through 8.6.1
Description:
OURPHP through version 8.6.1 is susceptible to Cross-Site Scripting (XSS) via the `Name` field within the "Complete Profile" functionality located in the "My User Center" page. This functionality is accessible after front-end registration.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.