CVE-2025-3592

Name of the Vulnerable Software and Affected Versions ZHENFENG13/code-projects My-Blog-layui version 1.0

Description A problem was found in the software, affecting an unknown part of the file /admin/v1/link/edit. This issue leads to cross site scripting and can be initiated remotely. Multiple parameters might be affected. The vendor was contacted about this issue but did not respond.

Recommendations As a temporary workaround, consider restricting access to the /admin/v1/link/edit endpoint until a patch is available. Avoid using multiple parameters in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.