CNNVD-202511-110 Information

CNNVD ID

CNNVD-202511-110

Related CVE

CVE-2025-62722

• CNNVD Published: 2025-11-04

Description (Chinese)

LinkAce是Kevin Woblick个人开发者的一个自托管档案库，用于收集您最喜爱的网站的链接。 LinkAce 2.3.1及之前版本存在跨站脚本漏洞，该漏洞源于社交媒体共享功能对标题字段输入验证不足，可能导致存储型跨站脚本攻击。

Description (English)

LinkAce is a self-hosted archive of Kevin Woblick personal developers to collect links to your favorite website. LinkAce 2.3.1 and previous versions had a cross-site script loophole, which stemmed from inadequate validation of title fields by social media sharing, which could lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2025-11-04

Last Modified

2026-02-24

References

https://github.com/Kovah/LinkAce/security/advisories/GHSA-4mxh-7c7f-q79j https://github.com/Kovah/LinkAce/releases/tag/v2.4.0 https://github.com/Kovah/LinkAce/commit/95d29b71ad9d4750cff8bbe7488802f6a4afa6aa https://access.redhat.com/security/cve/cve-2025-62722

Patch

https://github.com/Kovah/LinkAce/releases