CNNVD-202508-3435 Information

CNNVD ID

CNNVD-202508-3435

Related CVE

CVE-2025-54544

• CNNVD Published: 2025-08-28

Description (Chinese)

QuickCMS是QuickCMS开源的一款内容管理系统。 QuickCMS 6.8版本存在跨站脚本漏洞，该漏洞源于aDirFilesDescriptions参数处理不当，可能导致存储型跨站脚本攻击。

Description (English)

QuickCMS is an open-source QuickCMS content management system. The QuickCMS 6.8 version has a cross-site script loophole, which stems from the mishandling of aDirFillsDescriptions parameters, which may lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

QuickCMS

Published

2025-08-28

Last Modified

2026-02-24

References

https://opensolution.org https://cert.pl/posts/2025/08/CVE-2025-54540 https://nvd.nist.gov/vuln/detail/CVE-2025-54544