CNNVD-202510-4188 Information

Oct 30, 2025 cve

CNNVD ID

CNNVD-202510-4188

CVE-2025-52180

CNNVD Published: 2025-10-30

Description (Chinese)

Zucchetti Ad Hoc Infinity是Zucchetti公司的一款 ERP 软件。 Zucchetti Ad Hoc Infinity 4.2及之前版本存在安全漏洞，该漏洞源于pHtmlSource参数未经验证，可能导致跨站脚本攻击。

Description (English)

Zucchetti Ad Hoc Information is an ERP for Zucchetti. There was a security loophole in Zucchetti Ad Hoc Information 4.2 and earlier versions, which originated from unverified pHtmlSource parameters and could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Zucchetti

Published

2025-10-30

Last Modified

2026-02-24

References

https://gist.github.com/alex-xor/8d0f9f456e6840a955889305ea789ef8 https://www.zucchetti.it/ https://access.redhat.com/security/cve/cve-2025-52180

Patch

https://www.zucchetti.it/it/cms/home.html

Share on: