CNNVD-202507-3400 Information

CNNVD ID

CNNVD-202507-3400

Related CVE

CVE-2025-8211

• CNNVD Published: 2025-07-26

Description (Chinese)

Roothub是一个使用 SSM 和 MySQL 开发的论坛系统。 Roothub 2.6及之前版本存在代码注入漏洞，该漏洞源于文件src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java中函数Edit导致跨站脚本。

Description (English)

Roothub is a forum system developed using SSM and MySQL. There is a code injection loophole in Roothub 2.6 and earlier versions, which stems from the cross-site script caused by the Edit function of src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-07-26

Last Modified

2026-02-24

References

https://github.com/wandeorfu/test https://vuldb.com/?id.317779 https://vuldb.com/?submit.622227 https://vuldb.com/?ctiid.317779 https://vuldb.com/?submit.622347 https://access.redhat.com/security/cve/cve-2025-8211