CVE-2025-25590

MEDIUM

R1bbit Yimioa < 2024.07.04 - SQL Injection

Title source: rule

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the component /mapper/xml/AddressDao.xml.

gitee

by r1bbit · javawriteup

CVSS v3 6.1

EPSS 0.0003

EPSS Percentile 8.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

CWE

CWE-89

Status published

Products (1)

r1bbit/yimioa < 2024.07.04

Published Mar 18, 2025

Tracked Since Feb 18, 2026