CVE Identifier: CVE-2025-14007 CVSS Meta Temp Score: 1.9 Current Exploit Price: $0-$5k CTI Interest Score: 3.20 Summary: A problematic vulnerability was found in Dayrui XunRuiCMS up to version 4.7.1, impacting the file within the Domain Name Binding Page. The flaw results in cross-site scripting vulnerabilities. An exploit is available, and remote attacks can be initiated, though the vendor did not respond to the disclosure. Details: The vulnerability is related to improper processing of user input in the specified file, leading to a cross-site scripting vulnerability (CWE-79). The product fails to neutralize or incorrectly neutralizes user-controllable input, which can be placed in output that is used as a web page served to other users, affecting integrity. Advisory Resource: Shared at github.com, this vulnerability is identified as CVE-2025-14007. The exploitation difficulty is considered average, and the attack can be launched remotely.