CNNVD-202512-094 Information

CNNVD ID

CNNVD-202512-094

Related CVE

CVE-2025-64030

• CNNVD Published: 2025-12-01

Description (Chinese)

China Systems Eximbills Enterprise是中国China Systems公司的一个贸易金融系统。 China Systems Eximbills Enterprise 4.1.5版本存在安全漏洞，该漏洞源于对TMPL_INFO参数未清理用户输入，可能导致存储型跨站脚本攻击。

Description (English)

China Systems Eximbils Enterprise is a trading and financial system of China Systems. There is a security loophole in version 4.1.5 of China Systems Eximbils Enterprise, which results from uncleaned user input of the TMPL INFO parameter, which may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

China Systems

Published

2025-12-01

Last Modified

2026-02-24

References

https://0xy37.medium.com/stored-xss-in-chinasystems-eximbills-enterprise-v4-1-5-f8f5a79c4f0b https://chinasystems.com/whatwedo/ee https://access.redhat.com/security/cve/cve-2025-64030