CNNVD-202506-3320 Information

CNNVD ID

CNNVD-202506-3320

Related CVE

CVE-2024-56915

• CNNVD Published: 2025-06-26

Description (Chinese)

NetBox是NetBox社区的一款基于Django、PostgreSql 用于IP地址管理（IPAM）和数据中心基础结构管理（DCIM）的工具。 Netbox v4.1.7版本存在安全漏洞，该漏洞源于RSS feed widget容易受到跨站脚本攻击。

Description (English)

NetBox is a tool for the NetBox community based on Django, PostgreSql for IP address management (IPAM) and data centre infrastructure management (DCIM). Version Netbox v4.1.7 contains a security loophole, which stems from the vulnerability of RSS feed widget to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NetBox

Published

2025-06-26

Last Modified

2026-02-24

References

https://github.com/netbox-community/netbox/releases/tag/v4.1.7 https://github.com/noxlumens/Vulnerability-Research/tree/main/CVE-2024-56915 https://youtu.be/n_5w0WVP8zE

Patch

https://github.com/netbox-community/netbox/releases