CNNVD-202511-2663 Information

CNNVD ID

CNNVD-202511-2663

Related CVE

CVE-2025-41087

• CNNVD Published: 2025-11-24

Description (Chinese)

Taclia Web Application是西班牙Taclia公司的一个账单和业务管理平台。 Taclia web application存在跨站脚本漏洞，该漏洞源于上传的SVG图像未正确清理，可能导致存储型跨站脚本攻击。

Description (English)

Taccia Web Application is a billing and business management platform for the Spanish company Taclia. There is a cross-site script loophole in Taclia web application, which stems from the incorrect clean-up of uploaded SVG images, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Taclia

Published

2025-11-24

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-stored-taclias-web-application

Patch

https://www.taclia.com/prueba-gratis