CNNVD-202511-377 Information

CNNVD ID

CNNVD-202511-377

Related CVE

CVE-2025-55341

• CNNVD Published: 2025-11-05

Description (Chinese)

Ecuador Quipux是厄瓜多尔Ecuador公司的一个电子文档管理与流程系统。 Ecuador Quipux 4.0.1版本至e1774ac版本存在安全漏洞，该漏洞源于文件anexos/anexos_nuevo.php中参数asocImgRad处理不当，可能导致跨站脚本攻击。

Description (English)

Ecuador Quipux is an electronic document management and process system of the Ecuadorian company Ecuador. There is a security loophole between Ecuador Quipux, Versions 4.01 and e1774ac, which stems from the inappropriate handling of the parameter asocImgrad in document anexos/anexos nuevo.php, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ecuador

Published

2025-11-05

Last Modified

2026-02-24

References

https://minka.gob.ec/quipux-comunitario/quipux-comunitario https://seguridaddigital.ec/research/20251101/report-20251101.en.pdf