CVE-2025-14013

Name of the Vulnerable Software and Affected Versions JIZHICMS versions up to 2.5.5

Description A flaw exists in JIZHICMS that allows for cross site scripting. The issue is located in the Comment Handler component, specifically within the file /index.php/admins/Comment/addcomment.html. Manipulation of the body argument within an unknown function in this file can trigger the flaw. The exploit is publicly available. The vendor was notified but did not respond.

Recommendations Update JIZHICMS to a version newer than 2.5.5.