CNNVD-202508-2037 Information

CNNVD ID

CNNVD-202508-2037

Related CVE

CVE-2025-55291

• CNNVD Published: 2025-08-18

Description (Chinese)

Shaarli是一套网站克隆工具。 Shaarli 0.15.0之前版本存在安全漏洞，该漏洞源于输入字符串未正确清理，容易受到反射型跨站脚本攻击。

Description (English)

Shaarli is a web-based cloning tool. Prior to Shaarli 0.15.0, there was a security loophole, which stemmed from the incorrect clean-up of the input string and was vulnerable to cross-station scripts.

Hazard Level

Medium

Vulnerability Type

其他

Published

2025-08-18

Last Modified

2026-02-24

References

https://github.com/shaarli/Shaarli/security/advisories/GHSA-7w7w-pw4j-265h https://github.com/shaarli/Shaarli/commit/66faa61335a6e72184be64092ff1242ffa4fe5b6 https://nvd.nist.gov/vuln/detail/CVE-2025-55291

Patch

https://github.com/shaarli/Shaarli/releases