CNNVD-202509-3138 Information

Sep 19, 2025 cve

CNNVD ID

CNNVD-202509-3138

CVE-2025-46703

CNNVD Published: 2025-09-19

Description (Chinese)

BlueSpice是BlueSpice公司的基于MediaWiki引擎的免费Wiki软件。 BlueSpice 5版本至5.1.1版本存在安全漏洞，该漏洞源于输出编码或转义不当，可能导致跨站脚本攻击。

Description (English)

BlueSpicice is BlueSpice’s free Wiki software based on MediaWiki engine. There is a security loophole in BlueSpice versions 5 to 5.1.1, which stems from inappropriate output codes or transpositions, which may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bluestar

Published

2025-09-19

Last Modified

2026-02-24

References

https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2025-05

Patch

https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2025-05

Share on: