CNNVD-202507-2821 Information
CNNVD ID
CNNVD-202507-2821
Related CVE
- CNNVD Published: 2025-07-21
Description (Chinese)
HAXcms with nodejs backend是HAX The Web开源的一个后端管理系统。 HAXcms with nodejs backend 11.0.8及之前版本存在安全漏洞,该漏洞源于对API请求异常处理不当,可能导致拒绝服务攻击。
Description (English)
HAXcms with nodejs backend is a back-end management system for HAX The Web Open Source. There is a security gap in HAXcms with nodejs backend 11.0.8 and earlier versions, which stems from the unusual handling of API requests, which could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
HAX The Web
Published
2025-07-21
Last Modified
2026-02-24
References
https://github.com/haxtheweb/haxcms-nodejs/blob/main/src/routes/listFiles.js#L22 https://github.com/haxtheweb/haxcms-nodejs/blob/main/src/routes/saveFile.js#L52 https://github.com/haxtheweb/haxcms-nodejs/commit/e9773d1996233f9bafb06832b8220ec2a98bab34 https://github.com/haxtheweb/issues/security/advisories/GHSA-pjj3-j5j6-qj27
Patch
https://github.com/haxtheweb/haxcms-nodejs/tags
Share on: