CNNVD-202512-2398 Information
CNNVD ID
CNNVD-202512-2398
Related CVE
- CNNVD Published: 2025-12-12
Description (Chinese)
Japan Total System GroupSession Free edition等都是日本Japan Total System公司的一个企业协作软件。 Japan Total System多款产品存在安全漏洞,该漏洞源于WebSockets未验证来源,可能导致聊天信息泄露。以下产品及版本受到影响:GroupSession Free edition 5.3.0之前版本、GroupSession byCloud 5.3.3之前版本和GroupSession ZION 5.3.2之前版本。
Description (English)
Papan Total System Group Session Free edict is a collaborative business software for Japan Total System. There is a safety loophole in the Jepan Total System ’ s multiple products, which stems from the unverified source of WebSockets and could lead to the disclosure of chat messages. The following products and versions have been affected: pre-Groupsession Free extension 5.3.0, pre-Groupsession by Cloud 5.3.3 and pre-Groupsession ZION 5.3.2.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Japan Total System
Published
2025-12-12
Last Modified
2026-02-24
References
https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/
Patch
https://groupsession.jp/dl/dl.html
Share on: