CVE-2025-4839

Name of the Vulnerable Software and Affected Versions: itwanger paicoding versions 1.0.0 through 1.0.3

Description: A vulnerability has been found in the software, classified as problematic. It affects an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java, leading to a permissive cross-domain policy with untrusted domains. The attack can be launched remotely, with a rather high complexity, making exploitation difficult.

Recommendations: For versions 1.0.0 through 1.0.3, consider restricting access to the affected functionality in the CrossUtil.java file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.