Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-8521

Good to know:

icon

Date: August 4, 2025

A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5. This issue affects some unknown processing of the file /vadmin123/index.php?module=settings/post-types of the component Add Type Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is named b53c7161da606f512b7efcb392d6ffc708688d49/605a70f8729e4d44ebe272671cb1e43e3d6ae014. It is recommended to upgrade the affected component.

Severity Score

Related Resources (8)

https://vuldb.com/?id.318647
https://vuldb.com/?ctiid.318647
https://github.com/givanz/Vvveb/releases/tag/1.0.6
https://nvd.nist.gov/vuln/detail/CVE-2025-8521
https://hkohi.ca/vulnerability/11
https://github.com/givanz/Vvveb/commit/b53c7161da606f512b7efcb392d6ffc708688d49
https://vuldb.com/?submit.625003
https://www.mend.io/vulnerability-database/CVE-2025-8521

Severity Score

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Improper Control of Generation of Code ('Code Injection')

CWE-94

Top Fix

icon

Upgrade Version

Upgrade to version https://github.com/givanz/Vvveb.git - 1.0.6

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): MULTIPLE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us