CNNVD-202507-431 Information

CNNVD ID

CNNVD-202507-431

Related CVE

CVE-2025-7066

• CNNVD Published: 2025-07-04

Description (Chinese)

Jirafeau是Jérôme Jutteau个人开发者的一种上传文件的简单方法。 Jirafeau存在跨站脚本漏洞，该漏洞源于MIME类型检查绕过，可能导致跨站脚本攻击。

Description (English)

Jirafeau is a simple way for Jérôme Jutteau’s personal developer to upload documents. Jirafeau had a cross-site script loophole, which stemmed from a MIME type check that bypassed and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Live Support

Published

2025-07-04

Last Modified

2026-02-24

References

https://gitlab.com/jirafeau/Jirafeau/-/commit/79464ec6276e8eb0e0b0ad597db02b85080d2b63 https://www.cve.org/CVERecord?id=CVE-2022-30110 https://www.cve.org/CVERecord?id=CVE-2024-12326 https://access.redhat.com/security/cve/cve-2025-7066

Patch

https://gitlab.com/jirafeau/Jirafeau