CNNVD-202509-4383 Information

CNNVD ID

CNNVD-202509-4383

Related CVE

CVE-2025-56807

• CNNVD Published: 2025-09-29

Description (Chinese)

FairSketch RISE Ultimate Project Manager是FairSketch公司的一款项目管理系统。 FairSketch RISE Ultimate Project Manager 3.9.4版本存在安全漏洞，该漏洞源于管理员在创建新文件夹时可通过文件资源管理器存储JavaScript有效载荷，可能导致跨站脚本攻击。

Description (English)

FairSketch Rise Ultimate Project Manager is a project management system for FairSketch. FairSketch Rise Ultime Project version 3.9.4 contains a security loophole, which stems from the fact that administrators can store the JavaScript payload through the File Resource Manager when creating new folders, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

FairSketch

Published

2025-09-29

Last Modified

2026-02-24

References

http://fairsketch.com https://github.com/aqwainfosec/CVE-2025-56807/