CNNVD-202510-1158 Information

CNNVD ID

CNNVD-202510-1158

Related CVE

CVE-2025-60298

• CNNVD Published: 2025-10-08

Description (Chinese)

Novel-Plus是Novel-Plus公司的一个在线社交阅读和写作平台。 Novel-Plus 5.2.4及之前版本存在安全漏洞，该漏洞源于indexName参数未经验证输入，可能导致存储型跨站脚本攻击。

Description (English)

Novel-Plus is an online social reading and writing platform for Novel-Plus. Novel-Plus 5.2.4 and previous versions have a security loophole, which originates from unverified input of the indexName parameter, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Novel-Plus

Published

2025-10-08

Last Modified

2026-02-24

References

https://github.com/201206030/novel-plus https://notes.sjtu.edu.cn/s/FB0dX82qf https://notes.sjtu.edu.cn/s/FB0dX82qf# https://access.redhat.com/security/cve/cve-2025-60298