CNNVD-202512-2663 Information

CNNVD ID

CNNVD-202512-2663

Related CVE

CVE-2023-36337

• CNNVD Published: 2025-12-15

Description (Chinese)

Inventory Management System是stemword个人开发者的一个库存管理系统。 Inventory Management System 1版本存在安全漏洞，该漏洞源于/index.php/cuzh4组件存在反射型跨站脚本，可能导致执行任意Web脚本或HTML。

Description (English)

Inventory Management Systems is an inventory management system for the personal developers of Stemword. There is a security gap in version 1 of the Inventory Management System, which stems from the reflective cross-site script of the /index.php/cuzh4 component, which may result in the execution of any Web script or HTML.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-15

Last Modified

2026-02-24

References

https://gist.github.com/nguyenkhanhthuan/f345c8ea0551c10ead197680f2ba9c66 https://github.com/ThuanNguyen115685/Report/blob/main/XSS.md https://access.redhat.com/security/cve/cve-2023-36337