CNNVD-202508-3228 Information

CNNVD ID

CNNVD-202508-3228

Related CVE

CVE-2025-50986

• CNNVD Published: 2025-08-27

Description (Chinese)

Diskover-web是美国Diskover公司的一款文件系统索引工具。 Diskover-web v2.3.0版本存在安全漏洞，该漏洞源于管理设置界面中多个配置字段清理不当，可能导致存储型跨站脚本攻击。

Description (English)

Diskover-web is a filesystem indexing tool for Diskover in the United States. Version Diskover-web v.2.3.0 has a security loophole, which stems from the improper clean-up of multiple configuration fields in the management settings interface, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Diskover

Published

2025-08-27

Last Modified

2026-02-24

References

https://github.com/4rdr/proofs/blob/main/info/diskover-web-v2.3.0-community-edition-stored-xss.md https://nvd.nist.gov/vuln/detail/CVE-2025-50986