CNNVD-202508-702 Information

CNNVD ID

CNNVD-202508-702

Related CVE

CVE-2025-51629

• CNNVD Published: 2025-08-07

Description (Chinese)

Agenzia Impresa EccoBook是意大利Agenzia Impresa公司的一款账本软件。 Agenzia Impresa EccoBook 2.81.1版本存在安全漏洞，该漏洞源于PdfViewer组件对Temp参数处理不当，可能导致跨站脚本攻击。

Description (English)

Agenzia Impressa EcoBook is a booking software for the Italian company Agenzia Impressa. There is a security loophole in version 2.81.1 of Agenzia Impresa EcoBook, which stems from the inappropriate handling of Tempt parameters by the PdfViewer component, which could lead to a cross-site script attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Agenzia Impresa

Published

2025-08-07

Last Modified

2026-02-24

References

http://agenzia.com http://eccobook.com https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2025-51629%20%7C%20Eccobook.md