CNNVD-202510-1673 Information

CNNVD ID

CNNVD-202510-1673

Related CVE

CVE-2025-11184

• CNNVD Published: 2025-10-13

Description (Chinese)

QGIS QWC2 Registration GUI是QGIS组织的一个Web前端客户端框架的可选应用。 QGIS QWC2 Registration GUI v2025.03.31及之前版本存在安全漏洞，该漏洞源于授权攻击者可植入任意JavaScript代码，可能导致跨站脚本攻击。

Description (English)

QGIS QWC2 Regulation GUI is an optional application for a Web front-end client framework organized by QGIS. QGIS QWC2 Registration GUI v2025.03.31 and previous versions contain a security loophole, which stems from the fact that authorized attackers can implant any JavaScript code that could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

QGIS

Published

2025-10-13

Last Modified

2026-02-24

References

https://hub.ntc.swiss/ntcf-2025-7724