CNNVD-202507-2818 Information

CNNVD ID

CNNVD-202507-2818

Related CVE

CVE-2025-54127

• CNNVD Published: 2025-07-21

Description (Chinese)

HAXcms with nodejs backend是HAX The Web开源的一个后端管理系统。 HAXcms with nodejs backend 11.0.6及之前版本存在安全漏洞，该漏洞源于默认配置中禁用JWT检查，可能导致身份验证绕过。

Description (English)

HAXcms with nodejs backend is a back-end management system for HAX The Web Open Source. There is a security loophole in HAXcms with nodejs backend 11.0.6 and earlier versions, which results from a default configuration that disables the use of JWT, which may lead to an identification bypass.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

HAX The Web

Published

2025-07-21

Last Modified

2026-02-24

References

https://github.com/haxtheweb/issues/security/advisories/GHSA-f38f-jvqj-mfg6

Patch

https://github.com/haxtheweb/issues