CNNVD-202509-4422 Information

CNNVD ID

CNNVD-202509-4422

Related CVE

CVE-2025-11137

• CNNVD Published: 2025-09-29

Description (Chinese)

Gstarsoft GstarCAD是中国浩辰软件（Gstarsoft）公司的一款计算机辅助设计软件。 Gstarsoft GstarCAD 9.4.0及之前版本存在代码注入漏洞，该漏洞源于文件重命名处理组件存在跨站脚本漏洞。

Description (English)

Gstarsoft GstarCAD is a computer-aided design software for Gstarsoft. Gstarsoft GstarCAD 9.4.0 and previous versions had a code injection loophole, which stemmed from a cross-site script gap in the file renaming processing component.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

浩辰软件

Published

2025-09-29

Last Modified

2026-02-24

References

https://github.com/coolcj-stack/-CAD-GstarCAD-Viewer-Web-V9.4.0-Stored-Cross-Site-Scripting-XSS https://vuldb.com/?ctiid.326214 https://vuldb.com/?id.326214 https://vuldb.com/?submit.652764