CNNVD-202510-473 Information
Oct 03, 2025
cve
CNNVD ID
CNNVD-202510-473
Related CVE
- CNNVD Published: 2025-10-03
Description (Chinese)
XunRuiCMS(迅睿CMS)是XunRuiCMS个人开发者的一个内容管理系统。 XunRuiCMS 4.7.1版本存在安全漏洞,该漏洞源于SVG文件上传验证不足,可能导致存储型跨站脚本攻击。
Description (English)
XunRuiCMS (Wise CMS) is a content management system for XunruiCMS personal developers. XunRuiCMS Version 4.7.1 contains a security loophole, which stems from inadequate upload verification of SVG documents, which may result in a storage-type cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-03
Last Modified
2026-02-24
References
https://snowhy77.github.io/2025/08/18/File-Upload-to-Achieve-Stored-XSS-Attack/
Share on: