CNNVD-202510-2378 Information

CNNVD ID

CNNVD-202510-2378

Related CVE

CVE-2025-58115

• CNNVD Published: 2025-10-16

Description (Chinese)

ChatLuck是日本ChatLuck公司的一个企业内外部沟通软件。 ChatLuck存在跨站脚本漏洞，该漏洞源于访客用户注册中存在跨站脚本漏洞，可能导致用户浏览器执行任意脚本。

Description (English)

ChatLuck is an internal and external communication software for a Japanese company, ChatLuck. ChatLuck had a cross-site script loophole, which stemmed from the existence of a cross-site script gap in the user registration of visitors, which could lead to any script being executed by the user browser.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

ChatLuck

Published

2025-10-16

Last Modified

2026-02-24

References

https://jvn.jp/en/jp/JVN13030751/ https://www.chatluck.com/support/package/mainte/pchatluck-%e8%a3%bd%e5%93%81%e3%81%ab%e3%81%8a%e3%81%91%e3%82%8b%e3%80%81%e8%a4%87%e6%95%b0%e3%81%ae%e3%82%bb%e3%82%ad%e3%83%a5%e3%83%aa%e3%83%86%e3%82%a3%e4%b8%8a%e3%81%ae%e5%95%8f%e9%a1%8c%e3%81%ab/

Patch

https://www.chatluck.com/