CNNVD-202509-3675 Information
Sep 23, 2025
cve
CNNVD ID
CNNVD-202509-3675
Related CVE
- CNNVD Published: 2025-09-23
Description (Chinese)
Yzmcms是Yzmcms开源的一套开源的CMS(内容管理系统)。 Yzmcms 7.3及之前版本存在安全漏洞,该漏洞源于注册页面referer标头处理不当,可能导致跨站脚本攻击。
Description (English)
Yzmcms is an open-source CMS (content management system) for Yzmcms. There is a security loophole in Yzmcms 7.3 and previous versions, which stems from inappropriate handling of the registration page referer header, which could lead to cross-site script attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Yzmcms
Published
2025-09-23
Last Modified
2026-02-24
References
http://yzmcms.com https://www.yzmcms.com/ https://gitee.com/cyjsyj/cve/wikis/CVE-2025-56304?sort_id=14635721 https://access.redhat.com/security/cve/cve-2025-56304
Patch
https://www.yzmcms.com/xiazai/
Share on: