CNNVD-202511-528 Information

CNNVD ID

CNNVD-202511-528

Related CVE

CVE-2025-63589

• CNNVD Published: 2025-11-06

Description (Chinese)

CMSimple_XH是CMSimple_XH开源的一个快速、小型、易于使用且易于安装的模块化内容管理系统（CMS）。 CMSimple_XH 1.8版本存在安全漏洞，该漏洞源于未对攻击者控制的路径段进行清理或编码，可能导致反射型跨站脚本攻击。

Description (English)

CMSimple XH is a fast, small, user-friendly and easy to install modular content management system (CMS) for CMSimple XH open source. The CMSimple XH 1.8 version contains a security loophole, which stems from the failure to clean or encode route sections under the control of the assailant and may result in a reflector-type cross-site scrip attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CMSimple_XH

Published

2025-11-06

Last Modified

2026-02-24

References

https://github.com/cmsimple-xh/cmsimple-xh/blob/master/index.php https://github.com/cybercrewinc/CVE-2025-63589