CNNVD-202511-1406 Information

CNNVD ID

CNNVD-202511-1406

Related CVE

CVE-2025-52331

• CNNVD Published: 2025-11-12

Description (Chinese)

Rarlab WinRAR是Rarlab公司的一个文件压缩/解压缩软件。 Rarlab WinRAR 7.11版本存在安全漏洞，该漏洞源于生成报告功能中存在跨站脚本，可能导致用户信息泄露。

Description (English)

Rarlab WinRAR is a file compression/compression software for Rarlab. There is a security loophole in Rarlab WinRAR version 7.11, which stems from the existence of a cross-site script in the generation reporting function, which may lead to the disclosure of user information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Rarlab

Published

2025-11-12

Last Modified

2026-02-24

References

https://gist.github.com/MarcinB44/2150484497c4b34aedf682c9091b14fa https://www.rarlab.com/rarnew.htm https://www.win-rar.com/whatsnew.html https://access.redhat.com/security/cve/cve-2025-52331

Patch

https://www.win-rar.com/download.html