CNNVD-202510-1271 Information

CNNVD ID

CNNVD-202510-1271

Related CVE

CVE-2025-60267

• CNNVD Published: 2025-10-09

Description (Chinese)

xckk（小菜低代码开发平台）是中国云网软件（bestfeng）开源的一款低代码开发平台。 xckk v9.6版本存在安全漏洞，该漏洞源于notice/list中的cond参数未安全过滤，可能导致SQL注入攻击。

Description (English)

xckk (low code development platform) is a low code development platform for the open source of Chinese cloudnet software (bestfeng). Version xckk v9.6 has a security loophole, which stems from the non-safe filtering of the code parameters in the Notice/list, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

云网软件

Published

2025-10-09

Last Modified

2026-02-24

References

https://gitee.com/bestfeng/xckk https://github.com/int-ux/report/issues/3