CNNVD-202507-2852 Information

CNNVD ID

CNNVD-202507-2852

Related CVE

CVE-2025-7953

• CNNVD Published: 2025-07-22

Description (Chinese)

PublicCMS是中国PublicCMS公司的一套使用Java语言编写的开源内容管理系统（CMS）。 PublicCMS 5.202506.a及之前版本存在输入验证错误漏洞，该漏洞源于对文件viewer.html中参数File的错误操作导致开放重定向。

Description (English)

PublicCMS is an open-source content management system (CMS) developed in Java by PublicCMS, China. PublicCMS 5.20206.a and previous versions have input validation error holes, which stem from the error in File, the parameter in document viewer.html, which results in open redirection.

Hazard Level

Critical

Vulnerability Type

输入验证错误

Affected Vendor

PublicCMS

Published

2025-07-22

Last Modified

2026-02-24

References

https://github.com/sanluan/PublicCMS/issues/88 https://vuldb.com/?submit.619279 https://vuldb.com/?id.317099 https://github.com/sanluan/PublicCMS/commit/f1af17af004ca9345c6fe4d5936d87d008d26e75 https://vuldb.com/?ctiid.317099 https://access.redhat.com/security/cve/cve-2025-7953 https://nvd.nist.gov/vuln/detail/CVE-2025-7953