CNNVD-202511-388 Information

CNNVD ID

CNNVD-202511-388

Related CVE

CVE-2025-57244

• CNNVD Published: 2025-11-05

Description (Chinese)

OpenKM Community Edition是西班牙OpenKM公司的一个文档管理系统。 OpenKM Community Edition 6.3.12版本存在安全漏洞，该漏洞源于用户账户创建界面中Name字段和Email字段前端验证不足，可能导致存储型跨站脚本攻击。

Description (English)

OpenKM Community Education is a document management system for OpenKM in Spain. There is a security loophole in version 6.3.12 of OpenKM Commission, which results from inadequate validation of the front-end of the name and Email fields in the user account creation interface, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OpenKM

Published

2025-11-05

Last Modified

2026-02-24

References

https://github.com/wolffangsecurity/CVEs/tree/main/CVE-2025-57244 https://github.com/wolffangsecurity/CVEs/blob/main/Stored%20XSS%20via%20Input%20Fields%20with%20Inconsistent%20Client-Side%20and%20Server-Side%20Validation%20Writeup.md https://access.redhat.com/security/cve/cve-2025-57244