CNNVD-202510-1442 Information

Oct 10, 2025 cve

CNNVD ID

CNNVD-202510-1442

CVE-2025-61319

CNNVD Published: 2025-10-10

Description (Chinese)

reNgine是Yogesh Ojha个人开发者的一个用于 Web 应用程序的自动侦察框架。专注于通过引擎、侦察数据关联和组织、持续监控、由数据库和简单而直观的用户界面支持的高度可配置的流线型侦察过程。 reNgine 2.2.0及之前版本存在安全漏洞，该漏洞源于Vulnerabilities模块未清理XSS有效载荷，可能导致存储型跨站脚本攻击。

Description (English)

ReNgine is an automated reconnaissance framework for Web applications by Yogesh Ojha personal developers. Focus on a highly configurable current-type reconnaissance process supported by an engine, detection of data linkages and organization, continuous monitoring, a database and a simple and visual user interface. There is a security loophole in reNgine 2.2.0 and previous versions, which stems from the fact that the Vulnerabilites module has not cleared the XSS payload, which could result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-10

Last Modified

2026-02-24

References

https://github.com/AmalJafarzade/CVE-2025-61319/ https://github.com/yogeshojha/rengine

Share on: