CNNVD-202510-4199 Information

CNNVD ID

CNNVD-202510-4199

Related CVE

CVE-2025-63885

• CNNVD Published: 2025-10-30

Description (Chinese)

AIxBlock是AIxBlock开源的一个AI自动化平台。 AIxBlock 04f305版本存在安全漏洞，该漏洞源于model_desc字段未对输入进行验证，可能导致存储型跨站脚本攻击。

Description (English)

AIxBlock is an AI automated platform for AIxBlock open source. The AuxBlock 04f305 version has a security loophole, which stems from the fact that the model desc field does not verify the input and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

AIxBlock

Published

2025-10-30

Last Modified

2026-02-24

References

https://github.com/AIxBlock-2023/awesome-ai-dev-platform-opensource/issues/278%2C https://github.com/AIxBlock-2023/awesome-ai-dev-platform-opensource/pull/280/commits/04f3051187b884973beb42316489e3fb37116fdf https://access.redhat.com/security/cve/cve-2025-63885