CNNVD-202510-1226 Information

CNNVD ID

CNNVD-202510-1226

Related CVE

CVE-2025-61773

• CNNVD Published: 2025-10-09

Description (Chinese)

pyLoad是pyLoad开源的一个用 Python 编写的免费开源下载管理器。 pyLoad 0.5.0b3.dev91之前版本存在安全漏洞，该漏洞源于Captcha脚本端点和Click N Load Blueprint中输入验证不足，可能导致跨站脚本攻击或其他意外行为。

Description (English)

PyLoad is a free open source download manager by Python. There was a security loophole in the pre-pyLoad 0.5.0b3.dev91 version, which stemmed from inadequate validation of the Captcha script endpoint and the Click N Load Blueprint, which could result in a cross-site script attack or other accidental act.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

pyLoad

Published

2025-10-09

Last Modified

2026-02-24

References

https://github.com/pyload/pyload/commit/5823327d0b797161c7195a1f660266d30a69f0ca https://github.com/pyload/pyload/pull/4624 https://github.com/pyload/pyload/security/advisories/GHSA-cjjf-27cc-pvmv https://access.redhat.com/security/cve/cve-2025-61773

Patch

https://pyload.net/