Browse all 7 CVE security advisories affecting xxyopen. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xxyopen is an open-source project primarily used for [specific core use case, e.g., web application development]. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, contributing to its 7 recorded CVEs. The project's security posture has been characterized by inconsistent patch response times and occasional critical flaws in input validation mechanisms. While no major public security incidents have been documented, the accumulation of CVEs suggests potential systemic weaknesses in secure coding practices. Users should implement additional security layers and maintain vigilant monitoring when deploying this software in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6535 | xxyopen/201206030 novel-plus User Management Module UserMapper.xml list sql injection — novel-plusCWE-89 | 6.3 | Medium | 2025-06-24 |
| CVE-2025-6534 | xxyopen/201206030 novel-plus File FileController.java remove resource injection — novel-plusCWE-99 | 4.2 | Medium | 2025-06-24 |
| CVE-2025-6533 | xxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replay — novel-plusCWE-294 | 5.6 | Medium | 2025-06-24 |
| CVE-2025-3856 | xxyopen Novel-Plus searchByPage sql injection — Novel-PlusCWE-89 | 6.3 | Medium | 2025-04-22 |
| CVE-2025-3676 | xxyopen Novel-Plus books sql injection — Novel-PlusCWE-89 | 6.3 | Medium | 2025-04-16 |
| CVE-2025-3369 | xxyopen Novel-Plus list sql injection — Novel-PlusCWE-89 | 6.3 | Medium | 2025-04-07 |
| CVE-2025-1154 | xxyopen Novel books sql injection — NovelCWE-89 | 6.3 | Medium | 2025-02-10 |
This page lists every published CVE security advisory associated with xxyopen. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.