CNNVD-202509-1871 Information
Sep 14, 2025
cve
CNNVD ID
CNNVD-202509-1871
Related CVE
- CNNVD Published: 2025-09-14
Description (Chinese)
Yida ECMS Consulting Enterprise Management System是中国易达(Yida)公司的一款企业管理系统。 Yida ECMS Consulting Enterprise Management System 1.0版本存在代码注入漏洞,该漏洞源于对文件/login.do中参数requestUrl的错误操作,可能导致跨站脚本攻击。
Description (English)
Yida ECMS Consulting Enterprise Management System is an enterprise management system of Yida, China. Yida ECMS Consulting Enterprise System Version 1.0 contains a code-injecting loophole, which stems from an error in the argument requesturl in file/login.do, which may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
易达
Published
2025-09-14
Last Modified
2026-02-24
References
https://vuldb.com/?submit.643990 https://github.com/1276486/CVE/issues/10 https://vuldb.com/?id.323821 https://vuldb.com/?ctiid.323821 https://access.redhat.com/security/cve/cve-2025-10386
Share on: