CNNVD-202511-1732 Information

CNNVD ID

CNNVD-202511-1732

Related CVE

CVE-2025-13180

• CNNVD Published: 2025-11-14

Description (Chinese)

Bdtask Wholesale Inventory Control and Inventory Management System是孟加拉国Bdtask公司的一个库存管理软件。 Bdtask Wholesale Inventory Control and Inventory Management System 20250320及之前版本存在安全漏洞，该漏洞源于对文件/edit_profile中参数first_name/last_name的错误操作，可能导致基本跨站脚本攻击。

Description (English)

Bdtask Holesale Information Control and Information Management System is an inventory management software for Bdtask in Bangladesh. There is a security loophole in Bdtask Holesale Inventory Control and Inventory Management System 20250320 and earlier versions, which stems from a mishandling of the parameter first name/last name in the document/edit profile, which could lead to a basic cross-site script attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Bdtask

Published

2025-11-14

Last Modified

2026-02-24

References

https://vuldb.com/?submit.684824 https://github.com/4m3rr0r/PoCVulDb/issues/4 https://vuldb.com/?id.332470 https://vuldb.com/?ctiid.332470 https://access.redhat.com/security/cve/cve-2025-13180