CNNVD-202508-2684 Information
Aug 22, 2025
cve
CNNVD ID
CNNVD-202508-2684
Related CVE
- CNNVD Published: 2025-08-22
Description (Chinese)
dootask是dootask公司的一款开源在线项目任务管理工具。 dootask 1.0.51版本存在安全漏洞,该漏洞源于/msg/sendfiles组件存在认证任意文件上传问题,可能导致执行任意代码。
Description (English)
Dootask is an open-source online project task management tool for Dootask. There is a security loophole in the dootask version 1.0.51, which stems from the issue of the authentication of any document uploading of the /msg/sendfiles component, which may lead to the enforcement of any code.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
dootask
Published
2025-08-22
Last Modified
2026-02-24
References
https://www.notion.so/Dootask-Arbitrary-file-upload-vulnerability-2162818a9e118053a586cf4bc05fd1fa https://nvd.nist.gov/vuln/detail/CVE-2025-55454
Patch
https://www.dootask.com/zh/download
Share on: