CNNVD-202508-268 Information

CNNVD ID

CNNVD-202508-268

Related CVE

CVE-2025-8527

• CNNVD Published: 2025-08-04

Description (Chinese)

XBoot是Exrick个人开发者的一个一站式前后端分离快速开发平台。 XBoot 3.3.4及之前版本存在代码问题漏洞，该漏洞源于对参数loginUrl的错误操作导致服务端请求伪造。

Description (English)

XBoot is a one-stop, back-to-back, back-end, rapid development platform for Exrick personal developers. XBoot 3.3.4 and previous versions had a code problem loophole, which stemmed from a mishandling of the parameter loginUrl, which led to the service request for forgery.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-08-04

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.318653 https://github.com/Exrick/xboot/issues/70#issue-3252425972 https://vuldb.com/?submit.622174 https://vuldb.com/?id.318653 https://access.redhat.com/security/cve/cve-2025-8527 https://nvd.nist.gov/vuln/detail/CVE-2025-8527