CNNVD-202512-2403 Information
CNNVD ID
CNNVD-202512-2403
Related CVE
- CNNVD Published: 2025-12-12
Description (Chinese)
Japan Total System GroupSession Free edition和Japan Total System GroupSession byCloud都是日本Japan Total System公司的一个企业协作软件。 Japan Total System GroupSession Free edition 5.3.0之前版本、Japan Total System GroupSession byCloud 5.3.3之前版本和GroupSession ZION 5.3.2之前版本存在跨站脚本漏洞,该漏洞源于反射型跨站脚本问题,可能导致任意脚本执行。
Description (English)
Papan Total System GroupSevent Free Order and Papan Total System GroupSsession byClaud is a collaborative business software for Japan Total System. There is a cross-site script loophole in the pre-Japan Total System Group Free Order 5.3.0, pre-Japan Total System Group Process by Cloud 5.3.3 and pre-GroomScript ZION 5.3.2, which stems from the problem of reflective cross-script scripts, which may lead to arbitrary script execution.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Japan Total System
Published
2025-12-12
Last Modified
2026-02-24
References
https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/
Patch
https://groupsession.jp/dl/dl.html
Share on: