CVE-2025-15451

Name of the Vulnerable Software and Affected Versions xnx3 wangmarket versions up to 4.9

Description A security flaw exists in xnx3 wangmarket up to version 4.9, specifically within the System Variables Page functionality located at the '/admin/system/variableSave.do' file. Manipulation of the Description argument can lead to cross site scripting. The exploit has been publicly released and may be used for attacks. The vendor was notified but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.