CNNVD-202509-1723 Information

CNNVD ID

CNNVD-202509-1723

CVE-2025-9910

  • CNNVD Published: 2025-09-11

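Description (translated from Chinese)

jsondiffpatch is software by individual developer Benjamín Eidelman for diffing and patching JavaScript objects. Versions of jsondiffpatch before 0.7.2 contain a security vulnerability: HtmlFormatter::nodeBegin is susceptible to cross-site scripting, which may lead to code execution.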

Description (English)

jsondiffpatch is a library by individual developer Benjamín Eidelman for diffing and patching JavaScript objects. Versions before 0.7.2 contain a security vulnerability in HtmlFormatter::nodeBegin, which is susceptible to cross-site scripting (XSS) attacks that could lead to code execution.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Individual developer

Published

2025-09-11

Last Modified

2026-02-24

References

  • https://benjamine.github.io/jsondiffpatch/index.html
  • https://github.com/benjamine/jsondiffpatch/commit/0e374b5dd8d7879b329a9fc18affbd46ad50dd14
  • https://github.com/benjamine/jsondiffpatch/issues/383
  • https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-12549277
  • https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-12549276
  • https://security.snyk.io/vuln/SNYK-JS-JSONDIFFPATCH-10369031

Patch

https://github.com/benjamine/jsondiffpatch/commit/0e374b5dd8d7879b329a9fc18affbd46ad50dd14
