CNNVD-202510-1341 Information
CNNVD ID
CNNVD-202510-1341
Related CVE
- CNNVD Published: 2025-10-09
Description (Chinese)
Logseq是Logseq开源的一个知识管理和协作平台。。 Logseq 0.10.9版本存在安全漏洞,该漏洞源于组件/app/marketplace.html对特制README.md文件中任意Javascript代码处理不当,可能导致跨站脚本攻击。
Description (English)
Logseq is an open-source knowledge management and collaborative platform for Logseq. Version 0.10.9 of Logseq has a security loophole, which stems from the improper handling of any Javascript code in the special README.md document, which may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Logseq
Published
2025-10-09
Last Modified
2026-02-24
References
https://github.com/logseq/logseq https://github.com/logseq/logseq/commit/4cdf49aedd8de073015b6945a529399c3bfa109a#diff-25789e3ba4c2adf4a68996260eb693a441b4a834c38b76167a120f0b51b969f7R72-R74 https://github.com/martinkubecka/Attributed-CVEs/blob/main/unresolved-vulnerabilities/logseq_xss_to_rce.md https://martinkubecka.sk/security-advisories/cve-2025-56683/
Patch
https://github.com/logseq/logseq/releases
Share on: