CNNVD-202512-3786 Information

CNNVD ID

CNNVD-202512-3786

Related CVE

CVE-2023-53950

• CNNVD Published: 2025-12-19

Description (Chinese)

InnovaStudio WYSIWYG Editor是美国InnovaStudio公司的一个富文本编辑器。 InnovaStudio WYSIWYG Editor 5.4版本存在代码问题漏洞，该漏洞源于文件上传限制绕过，可能导致上传恶意文件。

Description (English)

InnovaStudio WYSIWYG Editor is a rich text editor for InnovaStudio in the United States. InnovaStudio WYSIWYG Editor 5.4 has a code gap, which stems from document upload restrictions bypassing and may lead to the uploading of malicious documents.

Hazard Level

Low

Vulnerability Type

代码问题

Affected Vendor

InnovaStudio

Published

2025-12-19

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/innovastudio-wysiwyg-editor-unrestricted-file-upload-via-filename-manipulation https://innovastudio.com https://www.exploit-db.com/exploits/51362 https://access.redhat.com/security/cve/cve-2023-53950