CNNVD-202506-1723 Information

CNNVD ID

CNNVD-202506-1723

Related CVE

CVE-2025-46096

• CNNVD Published: 2025-06-13

Description (Chinese)

OpenSolon是OpenSolon开源的一个全场景 Java 企业应用程序开发框架。 OpenSolon 3.1.2版本存在安全漏洞，该漏洞源于solon-faas-luffy组件存在目录遍历，可能导致跨站脚本攻击。

Description (English)

OpenSolon is an OpenSolon open-source scenario Java Enterprise Development Framework. OpenSolon version 3.1.2 contains a security loophole that originates from the existence of the solon-faas-luffy component, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OpenSolon

Published

2025-06-13

Last Modified

2026-02-24

References

https://gist.github.com/yaoyao-cool/1b7d80930fea88b6fd4839646cedc437 https://github.com/opensolon/solon/issues/357 https://access.redhat.com/security/cve/cve-2025-46096

Patch

https://github.com/opensolon/solon/releases