CNNVD-202512-2662 Information

CNNVD ID

CNNVD-202512-2662

Related CVE

CVE-2025-51962

• CNNVD Published: 2025-12-15

Description (Chinese)

microStudio是Gilles个人开发者的一个在线游戏引擎。 microStudio 24.01.29版本存在安全漏洞，该漏洞源于项目页面评论部分存在HTML注入，可能导致远程攻击者通过add_project_comment函数的text参数注入任意Web脚本或HTML。

Description (English)

MicroStudio is an online game engine for Gilles personal developers. There is a security loophole in the microStudio 24.01.29 version, which originates from the HTML injection in the commentary section of the project page, which may result in a remote attacker injecting any type of Web script or HTML through the text parameter of the add project comment function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-15

Last Modified

2026-02-24

References

https://github.com/Sunnyshineshow/vulnerability-research/blob/main/CVE-2025-51962/CVE-2025-51962.md https://github.com/pmgl/microstudio/