CNNVD-202510-395 Information

CNNVD ID

CNNVD-202510-395

Related CVE

CVE-2025-10696

• CNNVD Published: 2025-10-03

Description (Chinese)

OpenSupports是OpenSupports开源的一款简单的开源的票务平台。 OpenSupports 4.11.0版本存在安全漏洞，该漏洞源于未验证操作者是否为列表所有者，可能导致权限提升和信息泄露。

Description (English)

OpenSupports is a simple open-source platform for OpenSupports. OpenSupports version 4.11.0 contains a security loophole, which originates from the unverified list owner, which may lead to an increase in privileges and the disclosure of information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

OpenSupports

Published

2025-10-03

Last Modified

2026-02-24

References

https://fluidattacks.com/advisories/stratovarius https://github.com/opensupports/opensupports