CNNVD-202507-2559 Information
Jul 20, 2025
cve
CNNVD ID
CNNVD-202507-2559
Related CVE
- CNNVD Published: 2025-07-20
Description (Chinese)
webssh是Shengdun Hua个人开发者的一个基于Web的ssh客户端。 WebSSH 1.6.2及之前版本存在代码注入漏洞,该漏洞源于Login Page组件对参数hostname/port的错误操作导致跨站脚本。
Description (English)
Webssh is a Web-based ssh client of Shengdun Hua personal developer. WebSSH 1.6.2 and previous versions have a code-injection loophole, which results from the error of the Login Page component to the parameter hostname/port.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-07-20
Last Modified
2026-02-24
References
https://github.com/huashengdun/webssh/issues/410 https://vuldb.com/?id.317000 https://vuldb.com/?ctiid.317000 https://vuldb.com/?submit.613610 https://github.com/4m3rr0r/PoCVulDb/blob/main/CVE-2025-7885.md https://access.redhat.com/security/cve/cve-2025-7885
Share on: