CNNVD-202511-372 Information

CNNVD ID

CNNVD-202511-372

Related CVE

CVE-2025-63416

• CNNVD Published: 2025-11-05

Description (Chinese)

SelfBest是美国SelfBest公司的一个专注开发的平台。 SelfBest 2023.3版本存在安全漏洞，该漏洞源于聊天功能中存在存储型跨站脚本，可能导致低权限攻击者执行任意JavaScript代码，从而获取敏感数据或提升权限。

Description (English)

SelfBest is a dedicated, developed platform of SelfBest, United States. Release 2023.3 of SelfBest has a security loophole, which stems from the existence of a storage cross-site script in the chat function, which may lead to the use of any JavaScript code by the low-authority assailants, thus obtaining sensitive data or increasing the privileges.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

SelfBest

Published

2025-11-05

Last Modified

2026-02-24

References

https://rohitchaudhary045.medium.com/cve-2025-63416-the-admin-panel-heist-stored-xss-to-privilege-escalation-b4c69d8487f1 https://self.best