CNNVD-202512-2633 Information

CNNVD ID

CNNVD-202512-2633

Related CVE

CVE-2023-53884

• CNNVD Published: 2025-12-15

Description (Chinese)

Webedition CMS是德国Webedition公司的一个开源 Web 应用程序框架。 Webedition CMS v2.9.8.8版本存在安全漏洞，该漏洞源于存在存储型跨站脚本漏洞，可能导致上传恶意SVG文件并执行任意脚本。

Description (English)

The WebDiction CMS is an open-source Web application framework for the German company WebDiction. There is a security loophole in version CMS v2.9.8.8, which stems from the existence of a storage cross-site script loophole, which could lead to the uploading of malicious SVG documents and the execution of any script.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Webedition

Published

2025-12-15

Last Modified

2026-02-24

References

https://www.webedition.org/ https://www.exploit-db.com/exploits/51662 https://www.vulncheck.com/advisories/webedition-cms-v-stored-cross-site-scripting-via-svg-upload https://access.redhat.com/security/cve/cve-2023-53884