CNNVD-202510-4408 Information
Oct 31, 2025
cve
CNNVD ID
CNNVD-202510-4408
Related CVE
- CNNVD Published: 2025-10-31
Description (Chinese)
LogicalDOC Community Edition是意大利LogicalDOC公司的一个文档系统。 LogicalDOC Community Edition 9.2.1及之前版本存在代码注入漏洞,该漏洞源于API Key creation UI组件中存在跨站脚本漏洞。
Description (English)
The LogicalDOC Commission is a filing system of LogicalDOC, Italy. There is a code-injection loophole in the LocalDOC Community Division 9.2.1 and earlier versions, which stems from the cross-site script gap in the API Key creation UI component.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
LogicalDOC
Published
2025-10-31
Last Modified
2026-02-24
References
https://gist.github.com/thezeekhan/fa0dcfda4f1f915c625d3f89f8ec0529 https://vuldb.com/?ctiid.330806 https://vuldb.com/?id.330806 https://vuldb.com/?submit.677170 https://access.redhat.com/security/cve/cve-2025-12546
Patch
https://www.logicaldoc.com/download-logicaldoc-community
Share on: