CNNVD-202511-2064 Information

CNNVD ID

CNNVD-202511-2064

Related CVE

CVE-2025-59110

• CNNVD Published: 2025-11-18

Description (Chinese)

Windu CMS（温杜CMS）是Windu公司的一套轻量级的网站内容管理系统（CMS）。 Windu CMS 4.1版本存在跨站请求伪造漏洞，该漏洞源于CSRF保护机制可被绕过，可能导致跨站请求伪造攻击。

Description (English)

Windu CMS (Windu CMS) is a lightweight web content management system (CMS) for Windu. Version 4.1 of Windu CMS contains a forgery gap in cross-site requests, which stems from the fact that the CSRF protection mechanism can be bypassed and may lead to cross-site requests for forgery attacks.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

Windu

Published

2025-11-18

Last Modified

2026-02-24

References

https://cert.pl/posts/2025/11/CVE-2025-59110 https://windu.org/ https://access.redhat.com/security/cve/cve-2025-59110