CNNVD-202507-284 Information

Jul 03, 2025 cve

CNNVD ID

CNNVD-202507-284

CVE-2025-40723

  • CNNVD Published: 2025-07-03

Description (Chinese)

Flatboard Pro是Flatboard开源的一个论坛系统。 Flatboard Pro 3.2.2之前版本存在跨站脚本漏洞,该漏洞源于对config.php中footer_text和announcement参数输入验证不足,可能导致存储型跨站脚本攻击。

Description (English)

Flutboard Pro is a forum system open to Fratboard. The previous version of Fratboard Pro 3.2.2 had a cross-site script loophole, which stemmed from the inadequate verification of the log-forter text and announcement parameters in config.php and could lead to a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Flatboard

Published

2025-07-03

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-stored-cross-site-scripting-xss-vulnerabilities-flatboard-pro

Patch

https://flatboard.org/

Share on: