Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
RyMcu Forest 0.0.5: Remote Code Injection Through User Info Update
CVE-2026-2947
Summary
A security issue in RyMcu Forest version 0.0.5 allows an attacker to inject malicious code on a user's account when updating their information. This can happen remotely and an exploit is now publicly available. RyMcu has not responded to the notification about this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| rymcu | forest | <= 0.0.5 | – |
Original title
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component...
Original description
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file - src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
4.0
nvd CVSS3.1
5.4
nvd CVSS4.0
5.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
- https://fx4tqqfvdw4.feishu.cn/docx/MBymdGpuFoGQYuxEiH2cdC5BnSe?from=from_copylin... Exploit Third Party Advisory
- https://vuldb.com/?ctiid.347317 Permissions Required VDB Entry
- https://vuldb.com/?id.347317 Third Party Advisory VDB Entry
- https://vuldb.com/?submit.755039 Third Party Advisory VDB Entry
Published: 22 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026