CNNVD-202508-2678 Information
Aug 22, 2025
cve
CNNVD ID
CNNVD-202508-2678
Related CVE
- CNNVD Published: 2025-08-22
Description (Chinese)
dootask是dootask公司的一款开源在线项目任务管理工具。 dootask 1.0.51版本存在安全漏洞,该漏洞源于/msg/sendtext组件存在认证任意下载问题。
Description (English)
Dootask is an open-source online project task management tool for Dootask. There is a security loophole in version 1.051 of dootask, which stems from the issue of authentication of random downloads of the /msg/sendtext component.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
dootask
Published
2025-08-22
Last Modified
2026-02-24
References
https://www.notion.so/Dootask-arbitrary-file-download-vulnerability-2172818a9e11804087d3c6829289ebbd?source=copy_link https://nvd.nist.gov/vuln/detail/CVE-2025-55455
Patch
https://www.dootask.com/zh/download
Share on: