CNNVD-202511-2852 Information

CNNVD ID

CNNVD-202511-2852

Related CVE

CVE-2025-65676

• CNNVD Published: 2025-11-26

Description (Chinese)

ClassroomIO.com是ClassroomIO开源的一个教育平台。 ClassroomIO.com 0.1.13版本存在安全漏洞，该漏洞源于存储型跨站脚本，可能导致经过身份验证的攻击者通过特制SVG封面图片执行任意代码。

Description (English)

Classroomio.com is an educational platform open to Classroomio. ClassroomIO.com 0.1.13 has a security loophole, which originates in a storage-type cross-site script and may lead to any code being executed by an identified assailant through a specially made SVG cover picture.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

ClassroomIO

Published

2025-11-26

Last Modified

2026-02-24

References

http://classroomio.com https://github.com/classroomio/classroomio https://github.com/Rivek619/CVE-2025-65676 https://access.redhat.com/security/cve/cve-2025-65676