CNNVD-202507-3279 Information
CNNVD ID
CNNVD-202507-3279
Related CVE
- CNNVD Published: 2025-07-25
Description (Chinese)
Sitecore JSS React Sample Application是Sitecore公司的一个示例程序。 Sitecore JSS React Sample Application 11.0.0至14.0.1版本存在安全漏洞,该漏洞源于信息泄露,可能导致用户数据交叉显示。
Description (English)
Sitecore JSS Reality Application is an example procedure for Sitecore. There is a security loophole in version 11.0.0 to 14.0.1 of Sitecore JSS Reality Application, which originates from information leaks and may lead to cross-references of user data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Sitecore
Published
2025-07-25
Last Modified
2026-02-24
References
https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB0750906 https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001612 https://www.vulncheck.com/advisories/sitecore-jss-react-sample-application-info-disc https://access.redhat.com/security/cve/cve-2020-36850
Patch
https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB0750906
Share on: