CVE-2025-51965 | THREATINT

Description

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-14 | Updated 2025-08-15 | Assigner mitre

References

ourphp.com

www.ourphp.net/

www.yuque.com/hkone-3iknd/sgwwfb/nvi4f00wqh3kyg0z?singleDoc

cve.org (CVE-2025-51965)

nvd.nist.gov (CVE-2025-51965)

Download JSON