CNNVD-202512-4924 Information

CNNVD ID

CNNVD-202512-4924

Related CVE

CVE-2024-30855

• CNNVD Published: 2025-12-29

Description (Chinese)

DesDev DedeCMS（织梦内容管理系统）是中国卓卓（DesDev）公司的一套基于PHP的开源内容管理系统（CMS）。该系统具有内容发布、内容管理、内容编辑和内容检索等功能。 DesDev DedeCMS v5.7版本存在安全漏洞，该漏洞源于/src/dede/makehtml_list_action.php存在跨站请求伪造漏洞。

Description (English)

DesDev DedeCMS is a PHP-based open-source content management system (CMS) for DesDev, China. The system has content publishing, content management, content editing and content retrieval functions. There is a security loophole in DesDev DedecMS v. 5.7, which stems from a cross-site request for forgery.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

卓卓

Published

2025-12-29

Last Modified

2026-02-24

References

https://gist.github.com/Limingqian123/e90a1b86c02bd83d4ab07c08cad9a629 https://github.com/Limingqian123/cms/blob/main/1.md