CVE-2025-15149

Name of the Vulnerable Software and Affected Versions rawchen ecms (affected versions not specified)

Description A cross site scripting issue exists in rawchen ecms. The updateProductServlet function within the src/servlet/product/updateProductServlet.java file, specifically related to the Add New Product Page component, is susceptible to exploitation through manipulation of the productName argument. This allows for remote exploitation and the exploit has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.