CNNVD-202512-2062 Information

CNNVD ID

CNNVD-202512-2062

Related CVE

CVE-2024-58292

• CNNVD Published: 2025-12-11

Description (Chinese)

XMB Forum是XMB开源的一个论坛系统。 XMB Forum 1.9.12.06版本存在跨站脚本漏洞，该漏洞源于模板和首页设置中存在持久型跨站脚本，可能导致所有论坛用户执行脚本。

Description (English)

XMB Forum is a forum system for XMB open sources. Version XML Forum 1.9.12.06 has a cross-site script loophole, which stems from the presence of a long-lasting cross-site script in the template and front page settings, which may result in the execution of scripts by all forum users.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

XMB

Published

2025-12-11

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/52044 https://www.vulncheck.com/advisories/xmb-forum-persistent-cross-site-scripting-via-admin-templates https://www.xmbforum2.com/