CVE-2025-8798

Name of the Vulnerable Software and Affected Versions: oitcode samarium versions up to 0.9.6

Description: A critical vulnerability exists in oitcode samarium, allowing for unrestricted file uploads. The issue affects an unknown function within the /dashboard/product file of the Create Product Page component. The attack can be executed remotely. The exploit has been publicly disclosed and may be used.

Recommendations: oitcode samarium versions prior to 0.9.6 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.