CNNVD-202508-3229 Information

CNNVD ID

CNNVD-202508-3229

Related CVE

CVE-2025-50985

• CNNVD Published: 2025-08-27

Description (Chinese)

Diskover-web是美国Diskover公司的一款文件系统索引工具。 Diskover-web v2.3.0版本存在安全漏洞，该漏洞源于多个GET参数清理不当，可能导致反射型跨站脚本攻击。

Description (English)

Diskover-web is a filesystem indexing tool for Diskover in the United States. Release Diskover-web v. 2.3.0 contains a security loophole, which stems from inadequate clean-up of multiple GET parameters, which may result in a reflective cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Diskover

Published

2025-08-27

Last Modified

2026-02-24

References

https://github.com/4rdr/proofs/blob/main/info/diskover-web-v2.3.0-community-edition-reflected-xss.md https://nvd.nist.gov/vuln/detail/CVE-2025-50985