CNNVD-202511-959 Information

CNNVD ID

CNNVD-202511-959

Related CVE

CVE-2025-41001

• CNNVD Published: 2025-11-10

Description (Chinese)

SOPlanning是SOPlanning公司的一套在线项目管理软件。 SOPlanning 1.53.02版本存在跨站脚本漏洞，该漏洞源于对文件/soplanning/www/process/options.php中参数LOGOUT_REDIRECT的用户输入验证不足，可能导致存储型跨站脚本攻击。

Description (English)

Soplanning is an online project management software package for SOplanning. The SOPlanning 1.53.02 has a cross-site script loophole, which results from insufficient user input validation of the argument Logout REDIRECT in the file/support/www/process/options.php, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

SOPlanning

Published

2025-11-10

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-soplanning