CNNVD-202506-1728 Information

CNNVD ID

CNNVD-202506-1728

CVE-2025-28380

  • CNNVD Published: 2025-06-13

Description (Chinese)

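OpenC3 COSMOS is an open-source application from OpenC3. Versions of OpenC3 COSMOS before v6.0.2 contain a security vulnerability that stems from the injection of a specially crafted payload into a URL parameter, which may lead to the execution of arbitrary web script or HTML.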

Description (English)

OpenC3 COSMOS is an open-source application from OpenC3. Versions of OpenC3 COSMOS before v6.0.2 contain a security vulnerability: a crafted payload injected into a URL parameter can lead to the execution of arbitrary web script or HTML.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

OpenC3

Published

2025-06-13

Last Modified

2026-02-24

References

  • https://openc3.com/
  • https://github.com/OpenC3/cosmos/releases/tag/v6.0.2
  • https://github.com/OpenC3/cosmos/commit/12e3e12307afd3dbfc306f20d60400989db89883
  • https://github.com/OpenC3/cosmos/pull/1816
  • https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/
  • https://access.redhat.com/security/cve/cve-2025-28380

Patch

https://github.com/OpenC3/cosmos/releases
