CNNVD-202510-3616 Information

CNNVD ID

CNNVD-202510-3616

Related CVE

CVE-2025-11682

• CNNVD Published: 2025-10-27

Description (Chinese)

Perx Customer Engagement & Loyalty Platform是新加坡Perx公司的一个客户参与活动平台。 Perx Customer Engagement & Loyalty Platform 4.617.4之前版本存在安全漏洞，该漏洞源于SVG文件上传清理不当，可能导致存储型跨站脚本攻击。

Description (English)

PerxCustomer Engineering & Lloydty Platform is a customer engagement platform of Perx Singapore. Perx Customer Engineering & Lloydty Platform 4.617.4 contains a security loophole that stems from the inappropriate uploading and clean-up of SVG files, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Perx

Published

2025-10-27

Last Modified

2026-02-24

References

https://www.redguard.ch/blog/2025/10/27/advisory-perx-lmt-dashboard/

Patch

https://www.perxtech.com/