CNNVD-202510-1674 Information
Oct 13, 2025
cve
CNNVD ID
CNNVD-202510-1674
Related CVE
- CNNVD Published: 2025-10-13
Description (Chinese)
QGIS QWC2是QGIS组织的一个Web前端客户端框架。 QGIS QWC2 2025.08.14之前版本存在安全漏洞,该漏洞源于属性表存在跨站脚本漏洞,可能导致授权攻击者在页面中植入任意JavaScript代码。
Description (English)
QGIS QWC2 is a Web front-end client framework for QGIS. QGIS QWC2 2025.08.14 had a security loophole, which stemmed from a cross-site script loophole in the attribute table, which could result in authorizing the attackers to implant any JavaScript code in the page.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
QGIS
Published
2025-10-13
Last Modified
2026-02-24
References
https://hub.ntc.swiss/ntcf-2025-4286
Share on: