CNNVD-202511-3035 Information

CNNVD ID

CNNVD-202511-3035

Related CVE

CVE-2025-65892

• CNNVD Published: 2025-11-29

Description (Chinese)

krpano是奥地利krpano公司的一个VR媒体制作和显示软件工具集。 krpano 1.23.2之前版本存在安全漏洞，该漏洞源于passQueryParameters函数处理不当，可能导致反射型跨站脚本攻击。

Description (English)

krpano is a VR media production and display software tool set by Krpano Austria. There was a security loophole in the pre-Krpano 1.23.2 version, which stemmed from the inappropriate handling of the PassQuery Parameters function, which could result in a cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

krpano

Published

2025-11-29

Last Modified

2026-02-24

References

https://krpano.com/forum/wbb/index.php?thread/20554-krpano-1-23-3d-gaussian-splatting-support/&postID=96997#post96997 https://krpano.com/docu/releasenotes/?version=1.23.3 https://access.redhat.com/security/cve/cve-2025-65892

Patch

https://krpano.com/download/