CNNVD-202508-3088 Information

CNNVD ID

CNNVD-202508-3088

Related CVE

CVE-2025-52036

• CNNVD Published: 2025-08-26

Description (Chinese)

NotesCMS是Fullstack WebDev开源的一个功能齐全的内容管理系统。 NotesCMS存在安全漏洞，该漏洞源于/index.php?route=categories页面标题处理不当，可能导致存储型跨站脚本攻击。

Description (English)

NotesCMS is a fully functional content management system for Fullstack WebDev. There is a security loophole in NotesCMS, which stems from/index.php?route=categories page title misprocessing, which could lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Fullstack WebDev

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/PrivateAccount/NotesCMS/issues/1 https://gist.github.com/yA0-Z/aeea5af372fec0085c6a4a7bb9c6bc8e https://nvd.nist.gov/vuln/detail/CVE-2025-52036

Patch

https://github.com/PrivateAccount/NotesCMS/commit/95322c5121dbd7070f3bd54f2848079654a0a8ea