CNNVD-202511-477 Information
CNNVD ID
CNNVD-202511-477
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
ThinkDashboard是MatiasDesu个人开发者的一个轻量级的、自托管的书签仪表板。 ThinkDashboard 0.6.7及之前版本存在代码问题漏洞,该漏洞源于备份导入功能未正确验证文件类型,可能导致存储型跨站脚本攻击或恶意软件分发。
Description (English)
ThinkDashboard is a lightweight, self-hosted bookmark dashboard for Matias Desu personal developers. ThinkDashboard 0.6.7 and previous versions had a code problem loophole, which stemmed from the backup import function ’ s incorrect verification of file type, which could lead to storage-type cross-site script attacks or malicious software distribution.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/MatiasDesuu/ThinkDashboard/commit/18d2f6aded0d6424cc4c8619731dd20563f4cfd8 https://github.com/MatiasDesuu/ThinkDashboard/security/advisories/GHSA-jvmw-hg62-jr47
Patch
https://github.com/MatiasDesuu/ThinkDashboard/releases
Share on: