CNNVD-202510-3604 Information

CNNVD ID

CNNVD-202510-3604

Related CVE

CVE-2025-12251

• CNNVD Published: 2025-10-27

Description (Chinese)

OpenWGA是OpenWGA开源的一个内容管理系统和Web应用程序开发平台。 OpenWGA 7.11.12 Build 737版本存在代码注入漏洞，该漏洞源于Admin UI组件存在跨站脚本漏洞。

Description (English)

OpenWGA is an open-source content management system for OpenWGA and a Web application development platform. OpenWGA 7.11.1.12 Version 737 contains a code-injection loophole, which stems from the cross-site script gap in the Admin UI component.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

OpenWGA

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/mikecole-mg/security_findings/blob/main/openwga/openwga-xss.md https://vuldb.com/?ctiid.329922 https://vuldb.com/?id.329922 https://vuldb.com/?submit.673919