CNNVD-202507-2820 Information

CNNVD ID

CNNVD-202507-2820

Related CVE

CVE-2025-54129

• CNNVD Published: 2025-07-21

Description (Chinese)

HAXiam是HAX The Web开源的一个这是HAXcms软件的包装器。 HAXiam 11.0.4及之前版本存在安全漏洞，该漏洞源于对用户数据请求响应不当，可能导致用户枚举攻击。

Description (English)

HAXiam is a packager of HAX The Web open source, HAXcms software. 11.0.4 and previous versions of HAXiam have a security loophole, which stems from inappropriate responses to user data requests, which may lead to a number of user attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

HAX The Web

Published

2025-07-21

Last Modified

2026-02-24

References

https://github.com/haxtheweb/issues/security/advisories/GHSA-wh3h-vfcv-m5g5 https://nvd.nist.gov/vuln/detail/CVE-2025-54129

Patch

https://github.com/haxtheweb/issues