CNNVD-202507-3284 Information

CNNVD ID

CNNVD-202507-3284

Related CVE

CVE-2025-34114

• CNNVD Published: 2025-07-25

Description (Chinese)

OpenBlow是意大利OpenBlow公司的一个机构内部接受匿名举报及保护举报人隐私的网络系统。 OpenBlow存在安全漏洞，该漏洞源于缺少关键HTTP响应头，可能导致跨站脚本、点击劫持和referer泄漏。

Description (English)

OpenBlow is a web-based system for receiving anonymous reports and protecting the privacy of whistleblowers within a body of the Italian company OpenBlow. OpenBlow has a security loophole, which stems from the lack of a critical HTTP response head, which could lead to cross-site scripts, clicks on hijackings and leaks in referer.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

OpenBlow

Published

2025-07-25

Last Modified

2026-02-24

References

https://seclists.org/fulldisclosure/2025/Jul/13 https://www.openblow.it https://www.vulncheck.com/advisories/openblow-missing-critical-security-headers https://access.redhat.com/security/cve/cve-2025-34114