CNNVD-202509-1501 Information
Sep 10, 2025
cve
CNNVD ID
CNNVD-202509-1501
Related CVE
- CNNVD Published: 2025-09-10
Description (Chinese)
decap-cms是Decap CMS开源的一个基于Git的静态站点生成器。 decap-cms 3.8.3及之前版本存在安全漏洞,该漏洞源于跨站脚本,可能导致执行任意JavaScript。
Description (English)
Decap-cms is a Git-based static site generator from Decap CMS open source. There is a security loophole in the decap-cms 3.8.3 and earlier versions, which originated in a cross-site script and could lead to the execution of any JavaScript.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Decap CMS
Published
2025-09-10
Last Modified
2026-02-24
References
https://onurcangenc.com.tr/posts/cve-2025-57520–stored-xss-in-decap-cms-3-8-3/ https://onurcangenc.com.tr/blog/decap-cms-xss-analysis https://github.com/decaporg/decap-cms https://access.redhat.com/security/cve/cve-2025-57520
Share on: