CNNVD-202509-2507 Information

CNNVD ID

CNNVD-202509-2507

Related CVE

CVE-2024-12796

• CNNVD Published: 2025-09-16

Description (Chinese)

Workcube ERP是土耳其Workcube公司的一个企业资源计划平台。 Workcube ERP V12版本至V14版本和20250916及之前版本存在跨站脚本漏洞，该漏洞源于网页生成期间输入中和不当，可能导致反射型跨站脚本攻击。

Description (English)

Workcube ERP is a business resource planning platform for the Turkish company Workcube. Workcube ERP V12 to V14 and before and after 20250916 had a cross-site script loophole, which stemmed from inappropriate input during webpage generation and could lead to a cross-site cross-reflection attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Workcube

Published

2025-09-16

Last Modified

2026-02-24

References

https://www.usom.gov.tr/bildirim/tr-25-0256