CNNVD-202511-1738 Information

CNNVD ID

CNNVD-202511-1738

Related CVE

CVE-2025-13178

• CNNVD Published: 2025-11-14

Description (Chinese)

Bdtask SalesERP是孟加拉国Bdtask公司的一个销售企业资源规划软件。 Bdtask SalesERP 20250728及之前版本存在安全漏洞，该漏洞源于对文件/edit_profile中参数first_name/last_name的错误操作，可能导致基本跨站脚本攻击。

Description (English)

Bdtask SaleserP is a sales enterprise resource planning software for Bdtask in Bangladesh. Bdtask SaleserP 202500728 and previous versions have a security loophole, which stems from an error in the use of the parameter first name/last name in the file/edit profile, which may lead to a basic cross-site script attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Bdtask

Published

2025-11-14

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.332468 https://vuldb.com/?submit.684820 https://vuldb.com/?id.332468 https://github.com/4m3rr0r/PoCVulDb/issues/2 https://access.redhat.com/security/cve/cve-2025-13178