CNNVD-202510-737 Information
Oct 05, 2025
cve
CNNVD ID
CNNVD-202510-737
Related CVE
- CNNVD Published: 2025-10-05
Description (Chinese)
CicadasCMS是中国westboy个人开发者的一款基于 SpringBoot Mybatis SpringSecurity Vue 开发的内容管理框架。 CicadasCMS存在安全漏洞,该漏洞源于模板管理页面中TemplateFileServiceImpl.java文件的Save函数存在跨站脚本漏洞,可能导致跨站脚本攻击。
Description (English)
CicadasCMS is a content management framework developed by SpringBoot Mybatis SpringSecure, a Chinese personal developer. CicadasCMS has a security loophole, which stems from the cross-site script gap in the Save function of the TemplateFileServiceImpl.java file on the template management page, which may lead to a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-05
Last Modified
2026-02-24
References
https://github.com/devastatingglamour/CVE/blob/main/CicadasCMS-XSS4.md https://vuldb.com/?ctiid.327170 https://vuldb.com/?id.327170 https://vuldb.com/?submit.659789
Share on: