CVE-2025-5133

Name of the Vulnerable Software and Affected Versions Tmall Demo up to 20250505

Description A vulnerability has been found in the Search Box component of Tmall Demo, allowing for cross-site scripting through remote attack. The manipulation of an unknown function leads to this issue. The vendor was contacted about this disclosure but did not respond. The estimated number of potentially affected devices worldwide is not available.

Recommendations As a temporary workaround, consider restricting access to the Search Box component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.