CNNVD-202512-2310 Information

CNNVD ID

CNNVD-202512-2310

Related CVE

CVE-2025-14580

• CNNVD Published: 2025-12-12

Description (Chinese)

Qualitor是Qualitor公司的一个管理服务流程和集中服务平台。 Qualitor 8.24.73及之前版本存在代码注入漏洞，该漏洞源于对文件/Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php中参数cdscript的错误操作，可能导致跨站脚本攻击。

Description (English)

Qualitor is a Qualitor management service process and centralized service platform. Qualitor 8.24.73 and earlier versions had a code-injecting loophole, which stemmed from an error in the parameters cdscript in document/Qualitor/html/bc/bcdocuments9/biblioteca/request/viewDocumento.php, which could lead to a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Qualitor

Published

2025-12-12

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.336201 https://vuldb.com/?id.336201 https://vuldb.com/?submit.705193