CNNVD-202512-042 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-042
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
Todoist是Todoist公司的一个任务管理与待办事项应用。 Todoist v8896版本存在安全漏洞,该漏洞源于/api/v1/uploads中对上传SVG文件未进行清理,可能导致跨站脚本攻击。
Description (English)
Todoist is a task management and to-do application of Todoist. The version of Todoist v8896 contains a security loophole, which originates from/api/v1/uploads that has not been cleared of uploading SVG documents, which could lead to cross-site scrip attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Todoist
Published
2025-12-01
Last Modified
2026-02-24
References
https://github.com/sefabasnak/Todoistv8896 https://access.redhat.com/security/cve/cve-2025-63317
Share on: