CNNVD-202512-3951 Information

CNNVD ID

CNNVD-202512-3951

Related CVE

CVE-2025-65790

• CNNVD Published: 2025-12-22

Description (Chinese)

Real Time Logic FuguHub是Real Time Logic公司的一款使用 Barracuda Application Server SDK 开发的消费产品。 Real Time Logic FuguHub 8.1版本存在安全漏洞，该漏洞源于/fs/文件管理器接口处理SVG文件时未清理或限制脚本执行，可能导致执行攻击者控制的JavaScript。

Description (English)

Real Time Logic Fuguhub is a consumer product developed by Real Time Logic using Barracuda Application Server SDK. Real Time Logic FuguHub 8.1 has a security loophole, which originates from the fact that the SVG file was not cleared or restricted by the SVG interface, which could lead to the execution of the attacker-controlled JavaScript.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Real Time Logic

Published

2025-12-22

Last Modified

2026-02-24

References

https://fuguhub.com/ https://github.com/hunterxxx/FuguHub-8.1-Reflected-SVG-XSS-CVE-2025-65790 https://access.redhat.com/security/cve/cve-2025-65790