PT-2025-31873 · Exrick · Exrick Xboot
Zast.Ai · Published 2025-08-04 · Updated 2025-08-04 · CVE-2025-8528
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Exrick xboot versions through 3.3.4
Description
A problematic issue has been identified in Exrick xboot. The issue resides in an unknown function within the /xboot/permission/getMenuList file. Manipulation of this function results in the storage of sensitive information in cleartext within a cookie. The attack can be executed remotely and is considered to have relatively high complexity, making exploitation difficult. The exploit has been publicly disclosed and may be utilized.
Recommendations
Versions prior to 3.3.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Cleartext Storage of Sensitive Information
Affected Products
Exrick Xboot