CVE-2025-4324

Name of the Vulnerable Software and Affected Versions MRCMS version 3.1.2

Description A problematic issue was found in the External Link Management Page component, affecting an unknown part of the file /admin/link/edit.do. This issue leads to cross site scripting and can be initiated remotely. The exploit has been disclosed to the public.

Recommendations For MRCMS version 3.1.2, consider restricting access to the /admin/link/edit.do endpoint until a patch is available. As a temporary workaround, avoid using the External Link Management Page component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.