CNNVD-202510-1471 Information

Oct 10, 2025 cve

CNNVD ID

CNNVD-202510-1471

CVE-2025-41088

  • CNNVD Published: 2025-10-10

Description (Chinese)

Xibo CMS是Xibo Digital Signage开源的一个内容管理系统。 Xibo CMS v4.1.2版本存在跨站脚本漏洞,该漏洞源于缺少对用户输入的适当验证,可能导致存储型跨站脚本攻击。

Description (English)

Xibo CMS is an open-source content management system for Xibo Digital Signage. Version Xibo CMS v4.1.2 has a cross-site script loophole, which stems from the lack of proper validation of user input and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Xibo Digital Signage

Published

2025-10-10

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-xibo-cms

Patch

https://xibosignage.com/cms

Share on: