CNNVD-202506-3343 Information

CNNVD ID

CNNVD-202506-3343

Related CVE

CVE-2025-6700

• CNNVD Published: 2025-06-26

Description (Chinese)

xxl-sso是许雪里个人开发者的一个分布式单点登录框架。 xxl-sso 1.1.0版本存在安全漏洞，该漏洞源于对文件/xxl-sso-server/login中参数errorMsg的错误操作,导致跨站脚本攻击。

Description (English)

xxl-sso is a distributed single point log-in framework for individual developers in Xuxi. There is a security loophole in version xxl-sso 1.1.0, which results from an error in the argument errorMsg in the file/xxl-sso-server/login, resulting in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-06-26

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-6700