CNNVD-202512-4113 Information

CNNVD ID

CNNVD-202512-4113

Related CVE

CVE-2021-47737

• CNNVD Published: 2025-12-23

Description (Chinese)

CSZ CMS是Cskaza Bassist个人开发者的一个开源网络应用程序，允许管理网站上的所有内容和设置。 CSZ CMS 1.2.7版本存在跨站脚本漏洞，该漏洞源于对消息标题输入验证不足，可能导致HTML注入攻击。

Description (English)

CSZ CMS is an open-source web application for Cskaza Bassist personal developers that allows for the management of all content and settings on the website. Version 1.2.7 of CSZ CMS has a cross-site script loophole, which results from inadequate verification of message titles, which could lead to an HTML injection attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2025-12-23

Last Modified

2026-02-24

References

https://sourceforge.net/projects/cszcms/ https://www.cszcms.com/ https://www.vulncheck.com/advisories/csz-cms-html-injection-vulnerability-via-member-dashboard https://www.exploit-db.com/exploits/48357 https://access.redhat.com/security/cve/cve-2021-47737