Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.1
Wethink Technology 720yun pano-sdk allows remote code execution via malicious login and signup pages
CVE-2025-66880
Summary
An attacker can inject malicious code into Wethink Technology's 720yun pano-sdk software, which can then run on your website. This can happen when users interact with the login and signup pages on your site. To stay safe, update to the latest version of the software as soon as possible.
Original title
Cross Site Scripting vulnerability in Wethink Technology Inc 720yun pano-sdk 0.5.877 allows a remote attacker to execute arbitrary code via the LoginComp (Module 2093) and SignupComp (Module 2094) ...
Original description
Cross Site Scripting vulnerability in Wethink Technology Inc 720yun pano-sdk 0.5.877 allows a remote attacker to execute arbitrary code via the LoginComp (Module 2093) and SignupComp (Module 2094) modules.
nvd CVSS3.1
6.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026