CNNVD-202507-1685 Information

CNNVD ID

CNNVD-202507-1685

Related CVE

CVE-2025-53642

• CNNVD Published: 2025-07-11

Description (Chinese)

HAXcms with nodejs backend是HAX The Web开源的一个后端管理系统。 HAXcms with nodejs backend存在代码问题漏洞，该漏洞源于会话终止不当，可能导致未授权访问。

Description (English)

HAXcms with nodejs backend is a back-end management system for HAX The Web Open Source. HAXcms with nodejs backend had a code loophole, which stemmed from inappropriate termination of sessions and could lead to unauthorized access.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

HAX The Web

Published

2025-07-11

Last Modified

2026-02-24

References

https://github.com/haxtheweb/issues/security/advisories/GHSA-g4f5-5w5j-p5jg https://nvd.nist.gov/vuln/detail/CVE-2025-53642 https://access.redhat.com/security/cve/cve-2025-53642

Patch

https://github.com/haxtheweb/haxcms-php/releases