CNNVD-202511-2880 Information

CNNVD ID

CNNVD-202511-2880

Related CVE

CVE-2025-65237

• CNNVD Published: 2025-11-26

Description (Chinese)

OpenCode USSD Gateway是OpenCode开源的一个处理和管理USSD消息的网关软件。 OpenCode USSD Gateway存在安全漏洞，该漏洞源于反射型跨站脚本，可能导致攻击者在用户浏览器执行任意JavaScript。

Description (English)

OpenCode USSD Gateway is a gateway software for processing and managing USSD messages from OpenCode Open Source. OpenCode USSD Gateway has a security loophole, which originates from a reflector-type cross-site script and could lead to the assailants executing any JavaScript on the user browser.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Opencode

Published

2025-11-26

Last Modified

2026-02-24

References

https://eslam3kl.gitbook.io https://eslam3kl.gitbook.io/blog/web-application-findings/cve-2025-65237-ussd-gateway-reflected-cross-site-scripting https://github.com/eslam3kl https://access.redhat.com/security/cve/cve-2025-65237