CNNVD-202512-3126 Information

CNNVD ID

CNNVD-202512-3126

Related CVE

CVE-2025-67736

• CNNVD Published: 2025-12-16

Description (Chinese)

FreePBX tts是FreePBX开源的一个文本转语音组件。 FreePBX tts 16.0.5之前版本和17.0.5之前版本存在SQL注入漏洞，该漏洞源于存在SQL注入问题，可能导致信息泄露和代码执行。

Description (English)

FreePBX ttts is a text-to-speak component of FreePBX open source. FreePBX tttts 16.0.5 and 17.0.5 have a SQL injection loophole, which stems from the SQL injection problem and may lead to information leakage and code enforcement.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Friendica

Published

2025-12-16

Last Modified

2026-02-24

References

https://github.com/FreePBX/security-reporting/security/advisories/GHSA-632c-49p9-x7cw https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80 https://access.redhat.com/security/cve/cve-2025-67736