CNNVD-202508-3448 Information

CNNVD ID

CNNVD-202508-3448

Related CVE

CVE-2025-56236

• CNNVD Published: 2025-08-28

Description (Chinese)

FormCMS是formcms个人开发者的一个页面设计器。 FormCMS 0.5.5版本存在安全漏洞，该漏洞源于头像上传功能存在存储型跨站脚本，可能导致特权用户浏览器环境中执行恶意脚本。

Description (English)

FormCMS is a page designer for the Formcms personal developer. FormCMS version 0.5.5 contains a security loophole, which stems from the existence of a stored cross-site script for header upload, which may result in the implementation of malicious scripts in the privileged user browser environment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-28

Last Modified

2026-02-24

References

https://github.com/KKC73/me/blob/main/CVE-2025-56236/README.md https://github.com/FormCms/FormCms/issues/27 https://nvd.nist.gov/vuln/detail/CVE-2025-56236

Patch

https://github.com/formcms/formcms/releases