CNNVD-202512-2393 Information
CNNVD ID
CNNVD-202512-2393
Related CVE
- CNNVD Published: 2025-12-12
Description (Chinese)
Japan Total System GroupSession Free edition等都是日本Japan Total System公司的一个企业协作软件。 Japan Total System多款产品存在跨站脚本漏洞,该漏洞源于反射型跨站脚本问题,可能导致任意脚本执行。以下产品及版本受到影响:GroupSession Free edition 5.3.0之前版本、GroupSession byCloud 5.3.3之前版本和GroupSession ZION 5.3.2之前版本。
Description (English)
Papan Total System Group Session Free edict is a collaborative business software for Japan Total System. There is a cross-site script loophole in the Jepan Total System ’ s multiple products, which stems from the problem of reflective cross-site scripts, which may lead to arbitrary script execution. The following products and versions have been affected: pre-Groupsession Free extension 5.3.0, pre-Groupsession by Cloud 5.3.3 and pre-Groupsession ZION 5.3.2.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Japan Total System
Published
2025-12-12
Last Modified
2026-02-24
References
https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/
Patch
https://groupsession.jp/dl/dl.html
Share on: