CNNVD-202510-719 Information

CNNVD ID

CNNVD-202510-719

Related CVE

CVE-2025-11306

• CNNVD Published: 2025-10-05

Description (Chinese)

FoxCMS是中国黔狐（FoxCMS）公司的一套可免费商用开源的内容管理系统。 FoxCMS 1.2及之前版本存在安全漏洞，该漏洞源于对文件/index.php/Search中参数keyword的错误操作，可能导致跨站脚本攻击。

Description (English)

FoxCMS is a free, commercial, open-source content management system for the Chinese company FoxCMS. The FoxCMS 1.2 and previous versions have a security loophole, which stems from a mishandling of the parameter keyword in the file/index.php/Search, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

黔狐

Published

2025-10-05

Last Modified

2026-02-24

References

https://github.com/coolcj-stack/FoxCMS-V1.2-is-vulnerable-to-cross-site-scripting-attacks.-There-is-an-XSS-vulnerability https://vuldb.com/?ctiid.327187 https://vuldb.com/?id.327187 https://vuldb.com/?submit.661874