CNNVD-202507-3494 Information

Jul 28, 2025 cve

CNNVD ID

CNNVD-202507-3494

CVE-2025-27802

CNNVD Published: 2025-07-28

Description (Chinese)

Optimizely Episerver Content Management System是美国Optimizely公司的一个企业级内容管理系统。 Optimizely Episerver Content Management System存在安全漏洞，该漏洞源于存储型跨站脚本使经过身份验证的攻击者能执行恶意JavaScript代码。

Description (English)

Optimizely Episerver Content Management System is an enterprise-level content management system for Optimizely in the United States. There is a security loophole in Optimizely Episerver Content Management System, which stems from the storage-type cross-site script that enables an identified assailant to enforce the malicious JavaScript code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Optimizely

Published

2025-07-28

Last Modified

2026-02-24

References

https://support.optimizely.com/hc/en-us/articles/30886353301645-2025-Optimizely-CMS-11-PaaS-release-notes#h_01K09MR1SZS4FEAPD4478GQ0FR https://support.optimizely.com/hc/en-us/articles/37757063222029-2024-Optimizely-CMS-12-PaaS-release-notes#h_01JN4AZV48WKNADH3KWC2GYDS5 https://access.redhat.com/security/cve/cve-2025-27802

Patch

https://support.optimizely.com/hc/en-us/articles/30886353301645-2025-Optimizely-CMS-11-PaaS-release-notes#h_01K09MR1SZS4FEAPD4478GQ0FR

Share on: