PT-2025-36740 · Yeswiki · Yeswiki
Nakkouchtarek
·
Published
2025-09-09
·
Updated
2025-10-17
·
CVE-2025-52277
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
YesWiki version 4.54
Description:
YesWiki is susceptible to a cross-site scripting issue that enables a remote attacker to execute arbitrary code. The issue stems from a crafted payload delivered to the
robots field within the meta configuration.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yeswiki