CNNVD-202509-1387 Information

CNNVD ID

CNNVD-202509-1387

Related CVE

CVE-2025-52277

• CNNVD Published: 2025-09-09

Description (Chinese)

YesWiki是法国YesWiki组织的一个用 PHP 编写的 wiki 系统。用于以协作方式创建和管理网站。 YesWiki 4.54版本存在安全漏洞，该漏洞源于meta配置robots字段存在跨站脚本，可能导致执行任意代码。

Description (English)

YesWiki is a wiki system developed by the PHP organization YesWiki in France. To create and manage the website in a collaborative manner. There is a security loophole in the version of YesWiki 4.54, which stems from the presence of a cross-site script in the Meta configuration robots field, which could lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

YesWiki

Published

2025-09-09

Last Modified

2026-02-24

References

http://yeswiki.com https://github.com/nakkouchtarek/CVE/tree/main/CVE-2025-52277 https://access.redhat.com/security/cve/cve-2025-52277