CNNVD-202508-602 Information
Aug 06, 2025
cve
CNNVD ID
CNNVD-202508-602
Related CVE
- CNNVD Published: 2025-08-06
Description (Chinese)
Sage DPW是英国Sage公司的一个人力资源系统。 Sage DPW v2024.12.003版本存在安全漏洞,该漏洞源于tabfields参数未清理可能导致反射型跨站脚本攻击。
Description (English)
Sage DPW is a human resources system of Sage UK. There is a security loophole in version Sage DSW v2024.12.003, which stems from the fact that the non-cleaning of the tabfields parameters may result in a cross-script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Sage
Published
2025-08-06
Last Modified
2026-02-24
References
https://www.sec4you-pentest.com/schwachstelle/sage-dpw-schwachstelle-xss-in-db-monitor-tabfields/ https://www.sec4you-pentest.com/schwachstellen/ https://access.redhat.com/security/cve/cve-2025-51531
Patch
https://www.sagedpw.at/news/download-2025_06_000/
Share on: