CNNVD-202511-132 Information
Nov 04, 2025
cve
CNNVD ID
CNNVD-202511-132
Related CVE
- CNNVD Published: 2025-11-04
Description (Chinese)
Zucchetti ZMaintenance Infinity是意大利ZMaintenance公司的一个企业资产管理与维护软件。 Zucchetti ZMaintenance Infinity v4.1及之前版本存在安全漏洞,该漏洞源于pHtmlSource参数未经验证输入,可能导致反射型跨站脚本攻击。
Description (English)
Zucchetti ZMaintenance Information is an enterprise asset management and maintenance software of ZMaintenance, Italy. There is a security loophole in Zucchetti ZMaintenance Information v. 4.1 and earlier versions, which originates from unverified input of pHtmlSource parameters, which could lead to a cross-script attack by reflector.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ZMaintenance
Published
2025-11-04
Last Modified
2026-02-24
References
https://www.zucchetti.it/ https://gist.github.com/alex-xor/8651dbdd413e4fa7240b0ab1b1845d76 https://access.redhat.com/security/cve/cve-2025-61431
Share on: