CNNVD-202512-2404 Information
CNNVD ID
CNNVD-202512-2404
Related CVE
- CNNVD Published: 2025-12-12
Description (Chinese)
Japan Total System GroupSession Free edition和Japan Total System GroupSession byCloud都是日本Japan Total System公司的一个企业协作软件。 Japan Total System GroupSession Free edition 5.3.0之前版本、Japan Total System GroupSession byCloud 5.3.3之前版本和GroupSession ZION 5.3.2之前版本存在跨站脚本漏洞,该漏洞源于存储型跨站脚本问题,可能导致任意脚本执行。
Description (English)
Papan Total System GroupSevent Free Order and Papan Total System GroupSsession byClaud is a collaborative business software for Japan Total System. There is a cross-site script loophole in the pre-Japan Total System Group Groupsession Free edition 5.3.0, the pre-Japan Total System Groupsession by Cloud 5.3.3 and the pre-Groupsession ZION 5.3.2, which stems from storage-type cross-site scripts, which may lead to arbitrary script execution.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Japan Total System
Published
2025-12-12
Last Modified
2026-02-24
References
https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/
Patch
https://groupsession.jp/dl/dl.html
Share on: