CNNVD-202508-3068 Information

CNNVD ID

CNNVD-202508-3068

Related CVE

CVE-2025-57425

• CNNVD Published: 2025-08-26

Description (Chinese)

SourceCodester FAQ Management System是SourceCodester开源的一个问答管理系统。 SourceCodester FAQ Management System 1.0版本存在安全漏洞，该漏洞源于update-faq.php端点未清理question和answer字段，可能导致存储型跨站脚本攻击。

Description (English)

SourceCodester FAQ Management System is an open-source question-and-answer management system for ServiceCodester. Security loophole in version 1.0 of SourceCodester FAQ Management System, which originates from uncleaned Qastion and answer fields at the update-faq.php endpoint, may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

SourceCodester

Published

2025-08-26

Last Modified

2026-02-24

References

https://gist.github.com/progprnv/10110b20469e4ae02aa1c9bfe130f5e9 https://nvd.nist.gov/vuln/detail/CVE-2025-57425