CNNVD-202507-3402 Information

CNNVD ID

CNNVD-202507-3402

CVE-2025-54597

  • CNNVD Published: 2025-07-27

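Description (translated from Chinese)

Heimdall is an open-source application dashboard and launcher from LinuxServer.io. Versions of Heimdall before 2.7.3 contain a cross-site scripting vulnerability, which stems from the q parameter not being sanitized and may lead to cross-site scripting attacks.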

Description (English)

Heimdall is an open-source application dashboard and launcher from LinuxServer.io. Heimdall versions prior to 2.7.3 have a cross-site scripting (XSS) vulnerability caused by an unsanitized q parameter, which could lead to cross-site scripting attacks.

Hazard Level

Medium

Vulnerability Type

Cross-site scripting

Affected Vendor

LinuxServer.io

Published

2025-07-27

Last Modified

2026-02-24

References

  • https://github.com/linuxserver/Heimdall/compare/v2.7.2…v2.7.3
  • https://github.com/linuxserver/Heimdall/commit/d1a96dd752ba30dc56380400dd2587d8abb8e9d1
  • https://access.redhat.com/security/cve/cve-2025-54597

Patch

https://github.com/linuxserver/Heimdall/releases
