CNNVD-202510-1470 Information

Oct 10, 2025 cve

CNNVD ID

CNNVD-202510-1470

CVE-2025-41089

  • CNNVD Published: 2025-10-10

Description (Chinese)

Xibo CMS是Xibo Digital Signage开源的一个内容管理系统。 Xibo CMS v4.1.2版本存在跨站脚本漏洞,该漏洞源于缺乏对用户输入的适当验证,可能导致反射型跨站脚本攻击。

Description (English)

Xibo CMS is an open-source content management system for Xibo Digital Signage. Version Xibo CMS v.4.1.2 has a cross-site script loophole, which stems from the lack of proper validation of user input and may result in a cross-reflective script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Xibo Digital Signage

Published

2025-10-10

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-xibo-cms

Patch

https://xibosignage.com/cms

Share on: