CNNVD-202510-1464 Information

Oct 10, 2025 cve

CNNVD ID

CNNVD-202510-1464

CVE-2025-11189

CNNVD Published: 2025-10-10

Description (Chinese)

Kiwire Captive Portal是马来西亚Kiwire公司的一个登录认证页面。 Kiwire Captive Portal存在安全漏洞，该漏洞源于login-url参数存在反射型跨站脚本，可能导致执行Javascript代码。

Description (English)

Kiwire Captive Portal is a login authentication page for the Malaysian company Kiwire. There is a security loophole in Kiwire Captive Portal, which stems from the reflective cross-site script of the login-url parameter, which may lead to the implementation of the Javascript code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kiwire

Published

2025-10-10

Last Modified

2026-02-24

References

https://www.synchroweb.com/release-notes/kiwire/security

Patch

https://www.synchroweb.com/release-notes/kiwire/security

Share on: