CNNVD-202508-3089 Information

CNNVD ID

CNNVD-202508-3089

Related CVE

CVE-2025-52035

• CNNVD Published: 2025-08-26

Description (Chinese)

NotesCMS是Fullstack WebDev开源的一个功能齐全的内容管理系统。 NotesCMS存在安全漏洞，该漏洞源于/index.php?route=notes页面标题处理不当，可能导致存储型跨站脚本攻击。

Description (English)

NotesCMS is a fully functional content management system for Fullstack WebDev. There is a security loophole in NotesCMS, which stems from/index.php?route=notes page title mishandling, which could lead to a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Fullstack WebDev

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/PrivateAccount/NotesCMS/issues/2 https://gist.github.com/yA0-Z/54322492b29d7711859913891a7ef988 https://nvd.nist.gov/vuln/detail/CVE-2025-52035

Patch

https://github.com/PrivateAccount/NotesCMS/commit/95322c5121dbd7070f3bd54f2848079654a0a8ea