CNNVD-202512-3157 Information

CNNVD ID

CNNVD-202512-3157

Related CVE

CVE-2023-53913

• CNNVD Published: 2025-12-17

Description (Chinese)

Rukovoditel是Rukovoditel团队的一套基于Web的开源项目管理软件。该软件具有项目管理、客户关系管理等功能。 Rukovoditel 3.3.1版本存在安全漏洞，该漏洞源于firstname字段清理不当，可能导致CSV注入攻击。

Description (English)

Rukovoditel is a Web-based open-source project management package for the Rukovoditel team. The software has project management, customer relationship management, etc. The Rukovoditel 3.3.1 version has a security loophole, which stems from a miscleaning of the firstname field, which could lead to an attack by the CSV.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Rukovoditel

Published

2025-12-17

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/51490 https://www.rukovoditel.net/ https://www.vulncheck.com/advisories/rukovoditel-csv-injection-via-user-account-export https://access.redhat.com/security/cve/cve-2023-53913

Patch

https://www.rukovoditel.net/download.php