CNNVD-202508-376 Information
CNNVD ID
CNNVD-202508-376
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Maxthon 3(傲游浏览器3)是中国遨游(Maxthon)公司的一款浏览器。 Maxthon 3(傲游浏览器3)3.3之前版本存在安全漏洞,该漏洞源于未正确处理about:history页面输入,可能导致跨上下文脚本攻击。
Description (English)
Maxthon 3 (Maxthon 3) is a browser for China. The previous version of Maxthon 3 (Poor Travel Browser 3) 3.3 had a security loophole, which originated from incorrect processing of about:histoory page input, which could lead to a script attack across the context.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
遨游
Published
2025-08-05
Last Modified
2026-02-24
References
https://www.maxthon.com/ https://www.fortiguard.com/encyclopedia/ips/34203 https://www.exploit-db.com/exploits/23225 http://blog.malerisch.net/2012/12/maxthon-cross-context-scripting-xcs-about-history-rce.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/maxthon_history_xcs.rb https://www.vulncheck.com/advisories/maxthon3-xcs-trusted-zone-code-exec https://access.redhat.com/security/cve/cve-2012-10032
Patch
https://www.maxthon.com/zh/history
Share on: