CNNVD-202509-4335 Information

CNNVD ID

CNNVD-202509-4335

Related CVE

CVE-2025-57266

• CNNVD Published: 2025-09-29

Description (Chinese)

ThriveX-Blog是LiuYuYang01个人开发者的一个博客管理系统。 ThriveX-Blog 2.5.9版本至3.1.3版本存在安全漏洞，该漏洞源于/api/assistant/list端点未经验证，可能导致敏感信息泄露。

Description (English)

TriveX-Blog is a blog management system for LiuYuyang01 personal developers. There is a security loophole in ThriveX-Blog versions 2.5.9 to 3.1.3, which originates from unverified endpoints/api/assistant/list, which may lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-29

Last Modified

2026-02-24

References

https://gist.github.com/candyb0x/fccc49a989473b7f1e47479619eaf1ca https://github.com/LiuYuYang01/ThriveX-Server/issues/55