CVE-2025-25580 Information

Description

yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql() method at /xml/UserMapper.xml.

Reference

https://gitee.com/r1bbit/yimioa/issues/IBI6XT