CNNVD-202509-4073 Information
CNNVD ID
CNNVD-202509-4073
Related CVE
- CNNVD Published: 2025-09-26
Description (Chinese)
DataTables是SpryMedia Limited开源的一个jQuery的时间插件。 DataTables 1.10.13及之前版本存在安全漏洞,该漏洞源于对文件/examples/resources/examples.php中参数src的错误操作,可能导致路径遍历攻击。
Description (English)
DataTables is a jQuery time plugin for SpryMedia Limited. DataTables 1.10.13 and previous versions contain a security loophole, which stems from an error in the use of src for the parameters in the file/examples/resources/examples.php, which may lead to a routing attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
SpryMedia Limited
Published
2025-09-26
Last Modified
2026-02-24
References
https://github.com/DataTables/DataTables/commit/3b24f99ac4ddb7f9072076b0d07f0b1a408f177a https://github.com/DataTables/DataTables/releases/tag/1.10.15 https://github.com/xiaoliyu-1/Faculty-Management-System-examples.php-v.1.0-Path-Traversal/blob/main/report.md https://github.com/xiaoliyu-1/Faculty-Management-System-examples.php-v.1.0-Path-Traversal/blob/main/report.md#url https://vuldb.com/?ctiid.325970 https://vuldb.com/?id.325970 https://vuldb.com/?submit.657918 https://access.redhat.com/security/cve/cve-2025-11031
Patch
https://github.com/DataTables/DataTables/tags
Share on: