CNNVD-202512-3733 Information

CNNVD ID

CNNVD-202512-3733

Related CVE

CVE-2025-67845

• CNNVD Published: 2025-12-19

Description (Chinese)

Mintlify是美国Mintlify公司的一个AI驱动的文档平台。 Mintlify 2025-11-15之前版本存在安全漏洞，该漏洞源于Static Asset Proxy Endpoint中目录遍历，可能导致任意Web脚本或HTML注入。

Description (English)

Mintlifty is an AI-driven document platform for Mintlifty in the United States. There was a security loophole in the pre-Mintlify 2025-11-15 version, which originated from the catalogues in the Static Assembly Proxy Endpoint, which could lead to any type of Web script or HTML injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mintlify

Published

2025-12-19

Last Modified

2026-02-24

References

https://heartbreak.ing/ https://kibty.town/blog/mintlify/ https://news.ycombinator.com/item?id=46317098 https://www.mintlify.com/blog/working-with-security-researchers-november-2025 https://www.mintlify.com/docs/changelog https://access.redhat.com/security/cve/cve-2025-67845

Patch

https://www.mintlify.com/