Browse all 4 CVE security advisories affecting moxi159753. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Moxi159753 is primarily associated with web applications and content management systems, where it enables dynamic content delivery and user interaction. Historically, it has been linked to multiple vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws. The four CVEs attributed to this component highlight consistent issues in input validation and access control. Security researchers have noted its susceptibility to both stored and reflected XSS attacks, with some instances allowing attackers to execute arbitrary code with system-level privileges. No major public security incidents have been documented, though its recurring vulnerability patterns suggest ongoing need for careful implementation and regular updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13816 | moxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversal — Mogu Blog v2CWE-22 | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13815 | moxi159753 Mogu Blog v2 pictures unrestricted upload — Mogu Blog v2CWE-434 | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13814 | moxi159753 Mogu Blog v2 uploadPicsByUrl LocalFileServiceImpl.uploadPictureByUrl server-side request forgery — Mogu Blog v2CWE-918 | 7.3 | High | 2025-12-01 |
| CVE-2025-13813 | moxi159753 Mogu Blog v2 Storage Management Endpoint storage authorization — Mogu Blog v2CWE-862 | 5.6 | Medium | 2025-12-01 |
This page lists every published CVE security advisory associated with moxi159753. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.