PT-2025-30377 · Unknown+1 · Sanluan Publiccms+1
Zast.Ai
·
Published
2025-07-22
·
Updated
2025-07-22
·
CVE-2025-7953
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Sanluan PublicCMS versions up to 5.202506.a
Description
A problematic vulnerability has been identified in Sanluan PublicCMS. The issue involves unknown processing of the file
publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. Manipulation of the File argument results in an open redirect, potentially allowing remote attacks. The exploit for this issue has been publicly disclosed.Recommendations
Sanluan PublicCMS versions prior to 5.202506.a: Apply the patch named f1af17af004ca9345c6fe4d5936d87d008d26e75 to resolve the issue.
Exploit
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sanluan Publiccms
Pdf.Js