CNNVD-202512-4934 Information

Dec 29, 2025 cve

CNNVD ID

CNNVD-202512-4934

CVE-2025-15200

  • CNNVD Published: 2025-12-29

Description (Chinese)

CacheCloud是SohuTV开源的一个Redis云管理平台。 CacheCloud 3.2.0及之前版本存在代码注入漏洞,该漏洞源于对文件src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java中函数getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex的错误操作,可能导致跨站脚本攻击。

Description (English)

CacheClaud is a Redis cloud management platform for SohuTV. CacheClaud 3.2.0 and previous versions contain code-inventing loopholes, which stem from errors in document src/main/java/com/sohu/cache/web/controller/AppClentDataShowController.java ’ s function GetExcourseStatisticsByClit/getCommandStatisticsByClit/doIndex, which may result in a cross-stop script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

SohuTV

Published

2025-12-29

Last Modified

2026-02-24

References

https://vuldb.com/?id.338587 https://vuldb.com/?ctiid.338587 https://github.com/sohutv/cachecloud/issues/372 https://vuldb.com/?submit.716311 https://vuldb.com/?submit.716324 https://github.com/sohutv/cachecloud/issues/382 https://vuldb.com/?submit.716323 https://access.redhat.com/security/cve/cve-2025-15200

Patch

https://github.com/sohutv/cachecloud/releases

Share on: