CNNVD-202508-3259 Information

CNNVD ID

CNNVD-202508-3259

Related CVE

CVE-2025-30036

• CNNVD Published: 2025-08-27

Description (Chinese)

CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在跨站脚本漏洞，该漏洞源于Oddzial模块中死亡诊断描述字段存在存储型跨站脚本，可能导致会话劫持或权限提升。

Description (English)

CGM CLIINNET is a hospital information management system operated by the German company CGM. CGM CLININET has a cross-site script loophole, which stems from the existence of a storage-type cross-site script in the death diagnostic description field in the Oddzial module, which may lead to a session hijacking or an increase in privileges.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

CGM

Published

2025-08-27

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/08/CVE-2025-2313/ https://nvd.nist.gov/vuln/detail/CVE-2025-30036