Serein123y

1 exploit Active since May 2025
CVE-2025-4260 WRITEUP MEDIUM WRITEUP
zhangyanbo2007 youkefu <4.2.0 - Deserialization
A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 4.3